[python-win32] question on odbc package
Chris Ingram
Chris.Ingram@Synchrologic.com
Thu, 12 Apr 2001 13:45:52 -0400
The easiest way to send that type of data to the database through ODBC would
be to pass the data as bound parameters to the execute call. If you had
some Python string variable containing the data (in your case, the
'!@#%^&*()'), then you'd replace where that value would be in the SQL
statement with a question mark and then refer to the data in the second
optional list parameter. For example:
theData = '!@#%^&*()'
crsr.execute ("INSERT INTO TABLE_NAME VALUES (?)", [theData])
If you had more than one bound parameter (more than one question mark in the
SQL statement), then your list would contain more than one element.
I hope this helps.
--
Chris Ingram
Synchrologic, Inc.
Email: Chris.Ingram@synchrologic.com
-----Original Message-----
From: Shae Erisson [mailto:shae@webwitches.com]
Sent: Thursday, April 12, 2001 1:31 PM
[...]
I'm currently fighting with odbc myself, I'm trying to figure out how to
correctly escape random characters so I can put them into a large text
field.
Is there already a function that escapes characters somewhere? Is there a
better way to do it?
Specifically, I'd like to be able to: "INSERT INTO TABLE_NAME VALUES
('!@#%^&*()')"
I'm also curious how to use the vars part of "cursor.execute(sql, vars=[])"
That's all the documentation says, does anyone know how to use this?
Is it just like parameters to stored procedures?