En Tue, 23 Oct 2007 20:50:55 -0300, Michael Pelz Sherman <[EMAIL PROTECTED]> escribió:
> Leif B. Kristensen wrote: > >>>> SQL = 'INSERT into TEMP data = %s' >>>> c.execute(SQL, """ text containing ' and ` and all other stuff we >>> . might >>> . read from the network""") >> >>> Sure, but does this work if you need more than one placeholder? > >> Yes it works with more than one placeholder. > > Yes, BUT: I have found that all of the placeholders must be STRINGS! > > If I try to use other data types (%d, %f, etc.), I get an error: > > File "/usr/lib/python2.5/site-packages/MySQLdb/cursors.py", line 149, in > execute > query = query % db.literal(args) > TypeError: float argument required > > It's not a huge problem to convert my non-string args, but it > seems like this should be fixed if it's a bug, no? No. The *MARK* is always %s - but the data may be any type (suitable for the database column, of course). The only purpose of %s is to say "insert parameter here". Other adapters use a question mark ? as a parameter placeholder, a lot less confusing, as it does not look like string interpolation. -- Gabriel Genellina -- http://mail.python.org/mailman/listinfo/python-list
