On 2015-02-19 15:04, Mark Lawrence wrote: > On 19/02/2015 14:17, Tim Chase wrote: >>>> Parameterized queries is just a pet peeve of mine that I wish to >>>> include here. SQLite misses it and I miss the fact SQLite misses >>>> it. The less SQL one needs to write in their code, the happier >>>> one should be. >>> >>> Instead, use the DB-API’s parameter substitution. Put ? as a >>> placeholder wherever you want to use a value, and then provide a >>> tuple of values as the second argument to the cursor’s execute() >>> method. (Other database modules may use a different placeholder, >>> such as %s or :1.) For example:..." >> >> I think Mario was referring to what other back ends call prepared >> statements. > > Is this > https://docs.python.org/3/library/sqlite3.html#sqlite3.Cursor.executemany > an equivalent?
Depends on whether sqlite3.Cursor.executemany() uses https://www.sqlite.org/c3ref/stmt.html under the hood. -tkc -- https://mail.python.org/mailman/listinfo/python-list
