What’s the best way to make psycopg2 pass parameterized queries to PostgreSQL? I don’t want to write my own escaping mechanisms or adapters and the psycopg2 source code and examples are difficult to read in a web browser.
If I need to switch to something like PyGreSQL or another Python pg adapter, that’s fine with me. I just want simple parameterization.
psycopg2 follows the rules for DB-API 2.0 (set down in PEP-249). That means you can call execute method from your cursor object and use the pyformat binding style, and it will do the escaping for you. For example, the following should be safe (and work):

Edit: tekHedd’s comment rightly points out that the SELECT and the DROP TABLE used different table names, so I fixed it.
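The binding style described in the answer above, as an added example that is not the answer's own code: it contrasts text built with Python's `%` operator against the two pyformat forms passed to `execute()` as a separate argument. The `students` table, its columns, the `HOSTILE` value and the `PG_DSN` environment variable are assumptions made for this example.

```python
import os

# Constructed sample value: it would close the quoted literal and append a
# second statement if it were pasted into the SQL text.
HOSTILE = "Robert'); DROP TABLE students;--"


def unsafe_query(last_name):
    """Anti-pattern: Python's % operator builds the SQL text from the value."""
    return "SELECT * FROM students WHERE last_name = '%s'" % last_name


def named_query(last_name):
    """pyformat, named: constant SQL text plus a separate mapping of values."""
    return ("SELECT * FROM students WHERE last_name = %(lname)s",
            {"lname": last_name})


def positional_query(last_name, min_grade):
    """pyformat, positional: always %s (even for ints), values in a sequence."""
    return ("SELECT * FROM students WHERE last_name = %s AND grade >= %s",
            (last_name, min_grade))


def run(conn):
    """Execute both bound forms on an open psycopg2 connection.

    Returns (rendered_sql, rows) pairs; mogrify() shows the quoting psycopg2
    applies to each value before sending the statement.
    """
    results = []
    with conn.cursor() as cur:
        cur.execute("CREATE TEMP TABLE students (last_name text, grade int)")
        cur.execute("INSERT INTO students VALUES (%s, %s)", (HOSTILE, 9))
        for sql, params in (named_query(HOSTILE), positional_query(HOSTILE, 5)):
            rendered = cur.mogrify(sql, params).decode()
            cur.execute(sql, params)  # two arguments, never sql % params
            results.append((rendered, cur.fetchall()))
    return results


if __name__ == "__main__":
    print("unsafe text:", unsafe_query(HOSTILE))
    dsn = os.environ.get("PG_DSN")  # assumed variable name for this example
    if dsn:  # needs psycopg2 and a reachable PostgreSQL server
        import psycopg2
        conn = psycopg2.connect(dsn)
        for rendered, rows in run(conn):
            print(rendered, "->", rows)
        conn.rollback()  # discard the temp table
        conn.close()
```

Without `PG_DSN` set, the script only prints the unsafe text so the difference is visible offline; with it set, each bound query returns the single inserted row and the table is untouched.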