Help: Omitting quotes from SQL Queries.
Daniel Dittmar
daniel at dittmar.net
Tue Jan 7 12:20:01 EST 2003
keithk wrote:
> I am using an mx.ODBC connection to MSSQL and am iterating through a
> list to get data from the DB, for eg:
>
> for fileName in fileNameList:
> cursor.execute("SELECT fileSize FROM database where
> database.filename = '%s'" % fileName)
> fileSizes = cursor.fetchall()
>
> However, when it iterates through the list and fileName equals something
> like "Hello World's" with a single quote inside the query fails as the
> string is ended prematurely, does anybody know how I can solve this?
Use the version of execute with parameters
.execute ("SELECT ...",[fileName])
and let the driver worry about quoting.
Daniel
More information about the Python-list
mailing list