MySQL Connector/Python

About parameters

Asked by JV on 2010-03-23

Hi,

Seems that ?-style parameters are not supported. Is this true? Will this style be supported in future?

Also with a quick look seems code is vulnerable for sql injection. Parameters are just replaced as they are into sql clause. Can someone confirm this?

-jv

Question information

Language:: English Edit question

Status:: Answered

For:: MySQL Connector/Python Edit question

Assignee:: Geert JM Vanderkelen Edit question

Last query:: 2010-03-23

Last reply:: 2010-03-24

Link existing bug

Revision history for this message

Geert JM Vanderkelen (geertjmvdk) said on 2010-03-24:

There are no plans to support the ?-style or qmark-parameter style.
Supported are 'format' and 'pyformat', the latter being more preferred (because more explicit).

It is possible to implemented this inheriting from MySQLCursor and implementing it, if really needed.

Can you help with this problem?

Provide an answer of your own, or ask JV for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

MySQL Connector/Python

About parameters

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers