%s place holder does not let me insert ' in an sql query with python.

Steve Holden steve at holdenweb.com
Mon Dec 15 18:35:36 CET 2008


Lamonte Harris wrote:
> I had this problem too.  If you've upgraded to python 2.6 you need to
> use the new sytnax "format
> 
> queryString = "insert into venders
> values('{0}','{1}','{2}'".format(field1,field2,field3)
> 
Will all readers of this thread kindly regard this as an example of how
*not* to generate and execute SQL queries in Python. Study the
cursor.execute() method, and provide parameterized queries and a data
tuple instead.

Please also note that the above technique explicitly continues to
generate SQL syntax errors in Krishnakan's case where the data values
themselves contain apostrophes.

regards
 Steve
-- 
Steve Holden        +1 571 484 6266   +1 800 494 3119
Holden Web LLC              http://www.holdenweb.com/




More information about the Python-list mailing list