Python sql escape single quote
I've tried all manner of Python modules and they either escape too much or in the wrong way. What's the best way you've found to escape quotes (", ') in Python? Show
user7610 22.2k12 gold badges111 silver badges134 bronze badges asked May 22, 2009 at 9:16
Jonathan PriorJonathan Prior 5,8847 gold badges28 silver badges26 bronze badges 2 If it's part of a Database query you should be able to use a Parameterized SQL Statement. As well as escaping your quotes, this will deal with all special characters and will protect you from SQL injection attacks.
Samuel Liew♦ 73.6k106 gold badges157 silver badges238 bronze badges answered May 22, 2009 at 9:30
David WebbDavid Webb 187k57 gold badges308 silver badges298 bronze badges 7 Use
answered Feb 18, 2013 at 6:25
2 The easy and standard way to escape strings, and convert other objects to programmatic form, is to use the built in E.g.:
No weird hacks, it's built in and it just works for most purposes.
Caner 54.8k35 gold badges169 silver badges175 bronze badges answered Dec 3, 2012 at 3:27
GregDGregD 7357 silver badges14 bronze badges 3 Triple single quotes will conveniently encapsulate the single quotes often used in SQL queries:
answered Jan 30, 2018 at 23:51
RoyRoy 2622 silver badges8 bronze badges If using psycopg2, its
Note, that you are giving two arguments to execute method (string and tuple), instead of using Python's % operator to modify string. Answer stolen from here: psycopg2 equivalent of mysqldb.escape_string?
Dan Getz 8,2766 gold badges30 silver badges61 bronze badges answered Jun 18, 2016 at 12:36
ex4ex4 2,1301 gold badge11 silver badges19 bronze badges For a solution to a more generic problem, I have a program where I needed to store any set of characters in a flat file, tab delimited. Obviously, having tabs in the 'set' was causing problems. Instead of output_f.write(str), I used output_f.write(repr(str)), which solved my problem. It is slower to read, as I need to eval() the input when I read it, but overall, it makes the code cleaner because I don't need to check for fringe cases anymore. answered Mar 11, 2010 at 22:28
1 Triple-double quotes are best for escaping: string = """This will span across 'single quotes', "double quotes", and literal EOLs all in the same string.""" answered Jan 27, 2012 at 1:44 1 For my use case, I was saving a paragraph against the database and somewhere in the paragraph there might have been some text with a single quote I found this to work best:
You'll notice that I use answered May 16, 2019 at 0:51
dataviewsdataviews 1,8814 gold badges16 silver badges54 bronze badges How do you escape a single quote in SQL Python?Use Literal Quoting
Another SQL escape single quote method you can use in Oracle is “literal quoting”. This means you can put the letter “q” in front, followed by your escape character, then square brackets. This means that any quotes inside the square brackets are not escaped.
How do you escape a single quote?Single quotes need to be escaped by backslash in single-quoted strings, and double quotes in double-quoted strings.
How do I escape a single quote in spark SQL?generally when u deal with apostrophe u replace the the single quote(') with ('').
What is single quote in SQL?Single quotes are used to indicate the beginning and end of a string in SQL. Double quotes generally aren't used in SQL, but that can vary from database to database. Stick to using single quotes. That's the primary use anyway.
|