Tuple to string problems

Heather Coppersmith me at privacy.net
Sun Aug 17 08:51:34 EDT 2003 

On Sun, 17 Aug 2003 12:37:19 +1000,
"Alastair G. Hogge" <agh at tpg.com.au> wrote:

> Sean Ross wrote:
>> 
>> "Alastair G. Hogge" <agh at tpg.com.au> wrote in message
>> news:3f3b9080 at dnews.tpgi.com.au...
>>> So basicly final_qu would be ('1','two','hello','2003-08-14','23:32:07')
>>> However has stated above type(final_qu) return tuple.
>> 
>> If final_qu is already a tuple of strings, and what you need is one string
>> with each string in the tuple concatenated, then you can do this:
>> 
>>>>> final_qu = ('1','two','hello','2003-08-14','23:32:07')
>>>>> final_qu_str = ' '.join(final_qu)
>>>>> final_qu_str
>> '1 two hello 2003-08-14 23:32:07'
>>>>> 
>> 
>> If you can't guarantee that each tuple element is a string, try this:
>>>>> final_qu_str = ' '.join([str(e) for e in final_qu])
>>>>> final_qu_str
>> '1 two hello 2003-08-14 23:32:07'
>>>>> 
>> 
>> [str(e) for e in final_qu] creates a list of a strings from the elements
>> [in
>> final_qu.
>> 
>> HTH
>> Sean
> OK. Sorry I didn't quite make myslef clear.
> final_qu is a string for pydb. The string should be something link:
> INSERT INTO foo VALUES "('1','two','hello','2003-08-14','23:32:07')"
> I need the () and each value must be inclosed in '' for the database
> interface.

Having just been through this myself, you're playing with fire:  what if
one of those strings contains a quote character (single or double)?

Let the database interface do the quoting for you.  I don't know what
your table looks like, but I see two possibilities (all code untested):

If your table contains a single column in which you're trying to put
that whole string:

    sql = """INSERT INTO foo VALUES (%s)"""
    params = (repr( final_qu ),) # "str" may work here, too
    pydbcursor.execute( sql, params )

If your table contains five columns, one for each element of that tuple:

    sql = """INSERT INTO foo VALUES (""" \
          + ','.join( ['%s'] * len( final_qu ) ) \
          + """)"""
    params = final_qu
    pydbcursor.execute( sql, params )

HTH,
Heather

-- 
Heather Coppersmith
That's not right; that's not even wrong. -- Wolfgang Pauli

More information about the Python-list mailing list