curious paramstyle qmark behavior
Jean-Paul Calderone
exarkun at divmod.com
Fri Oct 20 16:28:20 EDT 2006
On 20 Oct 2006 13:06:58 -0700, BartlebyScrivener <rpdooling at gmail.com> wrote:
>With
>
>aColumn = "Topics.Topic1"'
>
>The first statement "works" in the sense that it finds a number of
>matching rows.
>
>c.execute ("SELECT Author, Quote, ID, Topics.Topic1, Topic2 FROM
>QUOTES7 WHERE " + aColumn + " LIKE ?", ("%" + sys.argv[1] + "%",))
>
>I've tried about 20 different variations on this next one. And it finds
>0 records no matter what I do. Is there some violation when I use two
>qmarks?
>
>c.execute ("SELECT Author, Quote, ID, Topics.Topic1, Topic2 FROM
>QUOTES7 WHERE ? LIKE ?", (aColumn, "%" + sys.argv[1] + "%"))
>
>I'm using mx.ODBC and Python 2.4.3 to connect to an MS Access DB.
Bind parameters aren't a general interpolation mechanism. Typically,
you cannot use them with database, table, or column names. Likewise,
this won't work:
execute("SELECT foo ? bar WHERE baz", ("FROM",))
The rule is difficult to express simply (at least, I have never seen
it expressed simply), but it goes something like "bind parameters only
work on values, not schema elements or syntactic constructs".
Jean-Paul
More information about the Python-list
mailing list