problem with quoted strings while inserting into varchar field of database.
Stefan Sonnenberg-Carstens
stefan.sonnenberg at pythonmeister.com
Mon May 7 11:16:09 EDT 2007
On Mo, 7.05.2007, 16:50, Carsten Haese wrote:
> On Mon, 2007-05-07 at 07:26 -0700, Daniele Varrazzo wrote:
>> > >> >> > cur.execute("INSERT INTO datatable (data) VALUES (%s);",
>> > >> >> > (pickled_data,))
>>
>> > %s is not a placeholder IMHO.
>>
>> > What happens when using %s is, that the string given will be inserted
>> where
>> > %s is; that is something python does as with every print or such.
>>
>> It is indeed. The behavior you describe would be true if i had used
>> the "%" operator. Read better what i have written: There is no "%"
>> operator.
>
> This confusion is precisely why I think the (py)format paramstyles
> should be deprecated in a future version of the DB-API spec. Question
> marks make it immediately obvious that something other than string
> formatting is happening, and if I'm not mistaken, question marks are SQL
> standard.
>
> --
> Carsten Haese
> http://informixdb.sourceforge.net
>
>
> --
> http://mail.python.org/mailman/listinfo/python-list
>
>
At least, qmark style is well known to people working with
prepared stmts etc.
They look "natural" - and avoid (even my!) mistakes.
On python-forum.de there was a discussion regarding inserting
data into a sqlite db recently. If I remember correctly the guy
was using the "%s" % data approach (yes, % operator) and failed.
The pysqlite driver did the right thing using the qmark style.
Even in the "Python phrasebook" there are examples of this ugly style.
A deprecation warning for now would be fine.
More information about the Python-list
mailing list