I am trying to take where query as input in Postgres using python. Can anyone help me?
cur.execute("SELECT * from home_curd where consumer_type=" a)
CodePudding user response:
You can achieve this by passing parameters to the query:
cur.execute("SELECT * FROM home_curd WHERE cosumer_type = %s", (a,))
You can also use parameterized query for this. That means you can call execute
method from your cursor object and use the pyformat
binding style, and it will do the escaping for you. For example, the following should be safe (and work):
cur.execute("SELECT * FROM home_curd WHERE consumer_type = %(consumer_type)s",
{"consumer_type": a})