String substitution VS proper mysql escaping
Rami Chowdhury
rami.chowdhury at merton.oxon.org
Sat Aug 28 16:07:27 EDT 2010
2010/8/29 Νίκος <nikos.the.gr33k at gmail.com>:
> On 28 Αύγ, 22:35, MRAB <pyt... at mrabarnett.plus.com> wrote:
>
>> """When there's more than one value you provide a tuple. It's makes sense
>> from the point of view of consistency that you also provide a tuple when
>> there's only one value."""
>
> Can you write something that make use of more than one value?
>
>
> Perhaps you mena somethign like?
>
> cursor.execute( '''SELECT hits FROM counters WHERE page = %s and date
> = %s and host = %s''' , (page,) )
>
> Is this what you mean?
>
> All those special format strign identifiers will grab their values out
> of the tuple?
Yes, that's exactly right -- they'll try to grab values out of the
tuple, and since in that particular code snippet the tuple doesn't
contain enough items, you'll get an error :-)
HTH,
Rami
--
Rami Chowdhury
"Never assume malice when stupidity will suffice." -- Hanlon's Razor
408-597-7068 (US) / 07875-841-046 (UK) / 0189-245544 (BD)
More information about the Python-list
mailing list