On 4/20/06 13:08, "Dieter Maurer" <[EMAIL PROTECTED]> wrote:
> M.-A. Lemburg wrote at 2006-4-19 20:36 +0200: >> ... >> Actually, I don't think that parsing SQL is really necessary >> at all: in all the years I've used qmark style, I've never come >> across a situation where a SQL literal would include a question >> mark. > > I do not think this is a good idea. '?' are perfectly legal > in string literals and there they conventionally > do *NOT* mean "insert a parameter". Umm ... thing is, the ? placeholder markers in a SQL string _don't_ occur within string literals. That is, when you construct a SQL statement containing placeholder markers, you don't write the placeholders within quote marks. The parameter substitution mechanism adds quotes as necessary when it substitutes a data value for a placeholder. If this were not true, then binding NULL to a placeholder would not be possible. If you wrote '?' rather than ?, NULL would incorrectly become 'NULL' and thus would itself become a literal string in the statement. >> In reality, it all boils down to doing a simple search for >> '?' in the string - after all, you usually pass strings in via >> bound parameters. > > Zope, at least, would be unhappy, as it does not (yet) support > bound parameters. > _______________________________________________ DB-SIG maillist - DB-SIG@python.org http://mail.python.org/mailman/listinfo/db-sig
