I’m coming from PHP background. When composing SQL queries I tend to do something

Question

0

Asked: May 29, 20262026-05-29T17:36:05+00:00 2026-05-29T17:36:05+00:00

I’m coming from PHP background. When composing SQL queries I tend to do something

0

I’m coming from PHP background. When composing SQL queries I tend to do something like this:

$query = '
SELECT
    *
FROM `table` AS t
WHERE 
    t.`categoryID` = '.$categoryID.'
';

if(!empty($recordID))
{
$query .= '
    AND t.`recordID` = '.$recordID.'
';
}

$data = $db->fetchAll($query);

What would be the best/most efficient way of doing this in Python?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-29T17:36:07+00:00

There are many way you can achieve it using Python. The simplest would be to either use the format string syntax or the Template object.

The advantage of the format string syntax is that you don’t need to use another object. Example:

query = "SELECT * FROM `table` AS t WHERE t.`categoryID`={}".format(category_id)
if record_id:
    query += " AND t.`recordID`={}".format(record_id)

Although most of the time the database Python wrapper will let you make it more secure (preventing SQL injection):

cursor.execute("UPDATE Writers SET Name = %s WHERE Id = %s", ("Leo Tolstoy", "1"))

You maybe interested in these links:

Here is how it can work for Postgresql:

ps = db.prepare("SELECT * FROM information_schema.tables WHERE table_name = $1 LIMIT $2")
ps("tables", 1)

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m coming from PHP background. When composing SQL queries I tend to do something

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply