pymssql - How do I use SQL parameters with python?

Question

Welcome To Ask or Share your Answers For Others

pymssql - How do I use SQL parameters with python?

asked Oct 17, 2021 in Technique[技术] by 深蓝 (71.8m points)

pymssql - How do I use SQL parameters with python?

I am using python 2.7 and pymssql 1.9.908.

In .net to query the database I would do something like this:

using (SqlCommand com = new SqlCommand("select * from Customer where CustomerId = @CustomerId", connection))
{
    com.Parameters.AddWithValue("@CustomerID", CustomerID);
    //Do something with the command
}

I am trying to figure out what the equivalent is for python and more particularly pymssql. I realize that I could just do string formatting, however that doesn't seem handle escaping properly like a parameter does (I could be wrong on that).

How do I do this in python?

Question&Answers:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-10-16T22:26:20+0000

After creating a connection object db:

cursor = db.execute('SELECT * FROM Customer WHERE CustomerID = %s', [customer_id])

then use any of the fetch... methods of the resulting cursor object.

Don't be fooled by the %s part: this is NOT string formatting, it's parameter substitution (different DB API modules use different syntax for parameter substitution -- pymssql just happens to use the unfortunate %s!-).

Categories

pymssql - How do I use SQL parameters with python?

pymssql - How do I use SQL parameters with python?

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags