Re: [webpy] Help with db.select with multiple optional WHERE conditions

Sun, 23 Jun 2013 00:30:10 -0700 

It's not a problem to concatenate the where clause, but you should avoid 
inserting the parameters via string concatenation because they have to be 
properly escaped. I'd try something like this:

def get_content(title=None, type_=None):
    where = '1=1' #this is a bogus test to simplify the concatenation
    if title:
        where += ' AND title=$title'
    if type_:
        where += ' AND type=$type'
    return db.select('content', where=where, vars=dict(title=title, type=type_))

Cheers,
Ole.



Am 23.06.2013 um 00:40 schrieb Marios Zindilis:

> I want to run a SELECT query on my database, in which there might be 0 or 1 
> or 2 WHERE conditions. The query runs in a function, e.g:
> 
> def GetContent(Title=None, Type=None):
>  return db.select('Content')
> 
> What I want to do is use the Title and Type parameters as WHERE conditions, 
> for example if only Title is specified, the query would be:
> 
> SELECT * FROM Content WHERE Title='The Title';
> 
> Or if only Type is specified, then the query should be:
> 
> SELECT * FROM Content WHERE Type='A';
> 
> But if both are defined then:
> 
> SELECT * FROM Content WHERE Type='A' AND Title='The Title';
> 
> I don't get how to create the 'WHERE ... AND ...' thing properly in web.py, 
> and Anand said in another message on the list that it's a bad idea to build 
> the query by concatenating strings.
> 
> -- 
> Marios Zindilis
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "web.py" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/webpy.
> For more options, visit https://groups.google.com/groups/opt_out.
> 
> 

-- 
Ole Trenner
<[email protected]>




-- 
You received this message because you are subscribed to the Google Groups 
"web.py" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/webpy.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to