How to properly escape strings when manually building SQL queries in SQLAlchemy?

前端 未结 4 1036
我在风中等你
我在风中等你 2021-02-14 15:29

I am using SQLAlchemy to connect to different databases in Python, but not with the ORM support as this cannot be implemented due to several reasons.

Mainly I do build a

4条回答
  •  心在旅途
    2021-02-14 15:56

    You should not try to implement your own escaping, but should instead use SQLAlchemy's builtin method:

    sql = 'select * from foo where fieldname = :name'
    result = connection.execute(sql, name = myvar)
    

提交回复
热议问题