On Fri, May 17, 2013 at 5:17 PM, Christoph Zwerschke <c...@online.de> wrote: > > Hm, I forgot DBAPI does not care about SQL; it replaces parameters even > inside SQL strings. So then, you're right, it can be ambiguous. > > By the way, this is really unclear from the DBAPI 2 documentation: > > The example in the dbapi 2 docs is "WHERE name=?" and "WHERE name=%s" which > seems to indicate that the value is automatically put in quotes, > particularly in view of footnote 5 which says "The client should not be > required to "escape" the value so that it can be used — the value should be > equal to the actual database value." In this example this means, the value > would be a string without surrounding quotes. The example clause should then > be "WHERE name='?'" and "WHERE name='%s'".
Quite the contrary: the quotes should never appear in the query and these examples are correct but... > Maybe this should be changed in DBAPI 3? This would allow the driver to use > prepared statements under the hood. ... I would limit this thread to the issue of the paramstyle and leave everything wished for dbapi3 to a different thread. -- Daniele _______________________________________________ DB-SIG maillist - DB-SIG@python.org http://mail.python.org/mailman/listinfo/db-sig
