Is it possible to use Bind variables with Python?

I am using sqlanydb latest release and have tried without success each of the methods mentioned here

my preferred method is pyformat but this raises error:

select something from table where something = %(bindvar)s': b"Syntax error near '%' on line 1"

PEP249

Sybase docs for bind variables

asked 06 Jan '16, 05:47

toasteez's gravatar image

toasteez
71115
accept rate: 0%

it seems that this form is supported:

sql = "select something from table where something = '%s'" %strvar

cursor.execute(sql)

This is not ideal as it would leave code open to injection, does it support something as explained here:

http://stackoverflow.com/questions/24408557/pandas-read-sql-with-parameters

(06 Jan '16, 06:45) toasteez

This works:

sql = "select something from table where something = :bindvar"

In pandas use the list method:

pd.read_sql(sql, db, params=[bindvar])

permanent link

answered 06 Jan '16, 07:03

toasteez's gravatar image

toasteez
71115
accept rate: 0%

You can use the question mark format:

import sqlanydb
conn = sqlanydb.connect(dsn="SQL Anywhere 17 Demo",uid="dba",pwd="sql",charset="utf-8")
sql = "select Surname from GROUPO.Customers where city = ?"
cur = conn.cursor()
cur.execute(sql, ("Newmarket", ))
print(cur.fetchone()[0])
>  Phillips
permanent link

answered 07 Jan '16, 16:03

Tom%20Slee's gravatar image

Tom Slee
1.3k21629
accept rate: 29%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×41
×21

question asked: 06 Jan '16, 05:47

question was seen: 3,855 times

last updated: 07 Jan '16, 16:03