Question
I am writing a Python script for inserting data into my Postgres DB.
Is there an escape function in Postgres that I can use to escape the inserted data?
Answer 1:
Just pass query parameters as a second argument to execute, like:
>>> cur.execute(
... """INSERT INTO some_table (an_int, a_date, a_string)
... VALUES (%s, %s, %s);""",
... (10, datetime.date(2005, 11, 18), "O'Reilly"))
Then, all of the parameters will be properly escaped.
This is because psycopg2 follows Python Database API Specification v2.0 and supports safe parameterized queries.
Also see:
- Parameterized queries with psycopg2 / Python DB-API and PostgreSQL
- psycopg2 equivalent of mysqldb.escape_string?
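
An added example, not part of the original answer: it contrasts string-built SQL with the parameter binding the answer recommends, using the same "O'Reilly" value. It assumes the standard-library sqlite3 module as an offline stand-in for PostgreSQL (it also follows DB-API 2.0 but uses `?` where psycopg2 uses `%s`); the function names and the crafted input are constructed for illustration.

```python
import datetime
import sqlite3

# Assumption: sqlite3 replaces psycopg2 so this runs without a server.
# The execute(sql, params) call shape is the same; only the placeholder differs.

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE some_table (an_int INTEGER, a_date TEXT, a_string TEXT)")
    return conn

def insert_bound(conn, an_int, a_date, a_string):
    """Values travel separately from the SQL text, so quotes need no escaping."""
    conn.execute(
        "INSERT INTO some_table (an_int, a_date, a_string) VALUES (?, ?, ?)",
        (an_int, a_date.isoformat(), a_string),
    )

def insert_formatted(conn, an_int, a_date, a_string):
    """Anti-pattern: the value is pasted into the SQL text itself."""
    conn.execute(
        "INSERT INTO some_table (an_int, a_date, a_string) "
        "VALUES (%d, '%s', '%s')" % (an_int, a_date.isoformat(), a_string)
    )

def find_bound(conn, name):
    sql = "SELECT an_int FROM some_table WHERE a_string = ? ORDER BY an_int"
    return conn.execute(sql, (name,)).fetchall()

def find_formatted(conn, name):
    sql = "SELECT an_int FROM some_table WHERE a_string = '%s' ORDER BY an_int" % name
    return conn.execute(sql).fetchall()

def demo():
    conn = make_db()
    day = datetime.date(2005, 11, 18)
    insert_bound(conn, 10, day, "O'Reilly")
    insert_bound(conn, 11, day, "Smith")
    try:
        insert_formatted(conn, 12, day, "O'Reilly")  # the quote ends the literal early
        failed = False
    except sqlite3.OperationalError:
        failed = True
    crafted = "nobody' OR '1'='1"  # constructed sample input
    return {
        "formatted_insert_failed": failed,
        "bound_lookup": find_bound(conn, "O'Reilly"),
        "bound_crafted": find_bound(conn, crafted),
        "formatted_crafted": find_formatted(conn, crafted),
    }
```

With binding, the crafted string is compared as plain data and matches nothing; with string formatting it rewrites the WHERE clause and every row comes back.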
Source: https://stackoverflow.com/questions/18292019/escape-input-data-for-postgres