QuoteSQL
Tim Chase
python.list at tim.thechases.com
Tue Sep 26 10:17:25 EDT 2006
> "Need" is a strong word unless something like the
> following doesn't work for some reason:
>
> cur.execute("select * from people where last_name in
> (%s,%s,%s)", (name1, name2, name3) )
Which could be nicely generalized to something like
>>> t = (name1, name2, name3)
>>> cur.execute("select * from people where last_name in (%s)" %
','.join('%s' for i in xrange(len(t))),
t)
which will create the number of items in the formatting-string on
the fly, and then map the tuple using standard DB escaping
methods. With older versions of Python, one might have to wrap
the contents of the join() call in [...]
-tkc
More information about the Python-list
mailing list