parametrizing a sqlite query
Diez B. Roggisch
deets at nospam.web.de
Wed Feb 24 13:12:59 EST 2010
Am 24.02.10 18:07, schrieb Sebastian Bassi:
> c.execute("SELECT bin FROM bins WHERE qtl LIKE '%:keys%'",{'keys':keywords})
>
> This query returns empty. When it is executed, keywords = 'harvest'.
> To check it, I do it on the command line and it works as expected:
>
> sqlite> SELECT bin FROM bins WHERE qtl LIKE '%harvest%';
> 11C
> 11D
> 12F
>
> I guess there is a problem with the "%".
You aren't supposed to put ' into the query. The thing you pass needs to
be the full literal.
Use
c.execute("select ... qtl like :keys", dict(keys="%%%s%%" % keywords))
Diez
More information about the Python-list
mailing list