在我们需要手动构建查询的情况下如何使用查询参数?
我正在使用 Python 2 并具有以下代码:
with conn.cursor() as cursor:
info("Updating {} records".format(len(records_to_update)))
for record in records_to_update:
query = "UPDATE my_table SET "
params_setters = []
# Process all fields except wsid when updating
for index, header in enumerate(DB_COLUMNS_IN_ORDER[1:]):
if record[index] is not None:
params_setters.append("{} = '{}' ".format(header, record[index]))
query += " , ".join(params_setters)
query += " WHERE id = '{}'".format(record[0])
cursor.execute(query)
如何在此处使用查询参数进行转义,而不必在以下位置手动进行:
params_setters.append("{} = '{}' ".format(header, record[index]))
MM们浏览 84回答 1
1回答
-
人到中年有点甜
如果我理解你的问题,你想使用准备好的陈述。如果您使用的%s是用于表示查询参数的驱动程序(SQLite 使用?),则:with conn.cursor() as cursor: info("Updating {} records".format(len(records_to_update))) params = [] for record in records_to_update: query = "UPDATE my_table SET " params_setters = [] # Process all fields except wsid when updating for index, header in enumerate(DB_COLUMNS_IN_ORDER[1:]): if record[index] is not None: params_setters.append("{} = %s ".format(header)) params.append(record[index]) query += " , ".join(params_setters) query += " WHERE id = %s" params.append(record[0]) cursor.execute(query, params)
随时随地看视频慕课网APP
相关分类
Python