On Mon, Dec 5, 2016 at 9:52 AM, Steve D'Aprano <steve+pyt...@pearwood.info> wrote: > I'm not sure how to interpret this error, so I'm guessing. Please correct me > if I'm wrong, but doesn't this mean that your column is called: > > single quote R single quote > > that is, literally 'R', which means that if you were using it in Python > code, you would have to write the column name as this? > > "'R'" >
AIUI this is meant to be a string literal, which in SQL is surrounded by single quotes. This also means that anyone who's using this script needs to be comfortable with writing raw SQL; plus, there's no protection against SQL injection, so anyone using the script has to have full database permission. The best solution might well be to change the protocol somewhat: instead of taking raw SQL on the command line, take "column=value", parse that in Python, and provide the value as a string (or maybe as "int if all digits else string"). ChrisA -- https://mail.python.org/mailman/listinfo/python-list
