escape string to store in a database?

jim-on-linux inq1ltd at inqvista.com
Fri Mar 14 15:48:39 CET 2008


> > --
> > Carsten
> > Haesehttp://informixdb.sourceforge.net
>
> Thanks for the reply, Carsten, how would
> this work with UPDATE command? I get this
> error:
>
>         cmd = "UPDATE items SET content =
> ? WHERE id=%d" % id

try this;

("update items set contents = (?) where id 
=(?)", [ x, y] )
put your data in a list 

or

("update items set contents = (?) where id 
=%d ", [ x] )


below statement "uses 1" refers to the one 
(?) , 0 supplied, means no list or none in 
list.

jim-on-linux
http://www.inqvista.com
>
>     self.cursor.execute(cmd, content)
> pysqlite2.dbapi2.ProgrammingError:
> Incorrect number of bindings supplied. The
> c
> rrent statement uses 1, and there are 0
> supplied.
>
> Sqlite site doesn't give any details on
> using parameter bindings in UPDATE
> command, I'm
> going to look around some more.. -ak



More information about the Python-list mailing list