prepared statements using psycopg

StackOverflow https://stackoverflow.com/questions/9866350

Frage

I'm a beginner at python. We use this code to execute SQL commands.

cur.execute("INSERT INTO test (num, data) VALUES (%s, %s)", (100, "abcdef"))

I wonder is this prepared statement or just a client side quoting?

War es hilfreich?

Lösung

No, it does not, not for psycopg2 at least. The "Prepare" in the docs refers to a "PREPARE TRANSACTION" which is entirely different than a prepared statement.

You can emulate a prepared statement, by overriding the methods or executing extra statements, however. See: An example of psycopg2 cursor supporting prepared statements

Please see: relevant blog entry for psycopg.

More information:

http://www.postgresql.org/docs/9.2/static/sql-prepare.html
http://www.postgresql.org/docs/current/static/sql-prepare-transaction.html

Andere Tipps

According to the docs the execute method will "Prepare and execute a database operation (query or command).". So yes, it is a prepared statement.

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top