> > Also, is this a good way to use variables in an insert/update
> > statement, or is there a better way?
> >
> > sql = "insert into test(a,b) values('%s','%s')" % (a,b)
> > cursor.execute(sql)
>
> If you do it like this:
>
> sql = "INSERT INTO test(a, b) VALUES(%s, %s)" # no quotes around the %
snacktime wrote:
I'm used to using the perl DBI and not very familiar with the python
DB-API. I am using PyGreSQL. My question is what is the standard way
to quote strings in sql queries? I didn't see any quoting functions
in the DB-API docs. Is quoting handled internally by the PyGreSQL
module
I'm used to using the perl DBI and not very familiar with the python
DB-API. I am using PyGreSQL. My question is what is the standard way
to quote strings in sql queries? I didn't see any quoting functions
in the DB-API docs. Is quoting handled internally by the PyGreSQL
module?
Also, is this
