I'm trying to execute a query using pyodbc with this kind of code
cursor.execute("SELECT x from y where Name='%s'"%namepar)
The parameter may have a quote and so it needs to be escaped in order to work, how do i do thos? I tried by simply replacing " ' " with " \\' " in namepar and it still doesn't work, I get a pyodbc.ProgrammingError
You can pass parameters, and that will be escaped.
cursor.execute("SELECT x from y where Name = ?", (namepar,))
来源:https://stackoverflow.com/questions/17139487/pyodbc-query-string-quote-escaping