can somebody please recomend me some python DBAL library that will best suit my

Question

0

Asked: May 24, 20262026-05-24T13:45:22+00:00 2026-05-24T13:45:22+00:00

can somebody please recomend me some python DBAL library that will best suit my

0

can somebody please recomend me some python DBAL library that will best suit my requirements. I would like to write my sql statements directly, most of the logics will be in db stored procedures (postgresql), so I only need to invoke db procedures, pass arguments to them and fetch the results. The library should help me with quoting (preventing sql inject).
I played with sqlalchemy, but i think that there is no quoting helper when writing sql statement directly to engine.execute method.

Thank you

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-24T13:45:23+00:00

Editorial Team

2026-05-24T13:45:23+00:00Added an answer on May 24, 2026 at 1:45 pm

You should have given sqlalchemy a deeper look; It does a fine job of quoting placeholders:

>>> engine = sqlalchemy.create_engine("sqlite:///:memory:")
>>> engine.execute("select ?", 5).fetchall()
[(5,)]
>>> engine.execute("select ?", "; drop table users; --").fetchall()
[(u'; drop table users; --',)]

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

can somebody please recomend me some python DBAL library that will best suit my

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply