String substitution VS proper mysql escaping
MRAB
python at mrabarnett.plus.com
Sat Aug 28 15:35:08 EDT 2010
More information about the Python-list mailing list
Sat Aug 28 15:35:08 EDT 2010
- Previous message (by thread): String substitution VS proper mysql escaping
- Next message (by thread): String substitution VS proper mysql escaping
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 28/08/2010 20:10, Νίκος wrote: > On 20 Αύγ, 09:04, Nik Gr<nikos.the.gr... at gmail.com> wrote: >> With regard to the "%" operator, it considers the string on the left to >> be a format string with multiple %blah things in it to replace. The >> thing on the right is a sequence of items to place into the format >> string. > > Can you please clarify what you mean by that? > Basically: format_string % (item_1, item_2, item_3) >> In you usage above you're supplying "page" instead of "(page,)". >> The latter matches the .execute() method's requirements. > > I tried it and "page" as a string and not a as a single element tuple > works ok. Although the .execute() method might accept a single string: cursor.execute(sql_query, page) as well as a tuple containing the string: cursor.execute(sql_query, (page, )) try to be consistent. As I said before: """When there's more than one value you provide a tuple. It's makes sense from the point of view of consistency that you also provide a tuple when there's only one value."""
- Previous message (by thread): String substitution VS proper mysql escaping
- Next message (by thread): String substitution VS proper mysql escaping
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-list mailing list