ahq
Reputation: 71
parameterised postgresql select statement using python
sql="select %s,tablename from pg_table_def where tablename like (%s)"
data=("schemaname","abc",)
cur.execute(sql,data)
If I pass a value as described above, then the select takes it as a string. Which is not the intention.
If I try
data=(schemaname,"abc",)
then it shows the error global name 'schemaname' is not defined.
Upvotes: 0
Views: 46
Answers (1)
Mureinik
Reputation: 311796
You cannot parameterize object name (in this case, a column name) that way. You could instead resort to string manipulation:
column = "schemaname"
sql = "select {}, tablename from pg_table_def where tablename like (%s)".format(column)
data= ("abc",)
cur.execute(sql,data)
Upvotes: 2
Related Questions
- Lambda function python script using psycopg2
- Pass Python list as a input to Redshift in SQL
- make parameterized SQL select statement with psycopg2 in python
- Psycopg2 - Passing variable in the where clause
- How to Put a Select * Postgres/Redshift Query results into a dictionary(column/value)
- Python - Dynamic variable in Redshift SQL Query
- psycopg2 query not parsing parameters properly?
- Passing a list of column names to a query in psycopg2
- parameterizing a query in Postgres using Python
- Return SQL Query results as a variable in python