| From: | "W(dot) Matthew Wilson" <matt(at)tplus1(dot)com> |
|---|---|
| To: | Daniele Varrazzo <daniele(dot)varrazzo(at)gmail(dot)com> |
| Cc: | psycopg(at)postgresql(dot)org |
| Subject: | Re: How do I use parameterized queries with LIKE? |
| Date: | 2012-05-29 00:30:31 |
| Message-ID: | CAGHfCUDiK+MVfiYywe=_SeZk9FZPgCd2Ea+Mfyp7K7kBiWmw0g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | psycopg |
On Mon, May 28, 2012 at 6:42 PM, Daniele Varrazzo
<daniele(dot)varrazzo(at)gmail(dot)com> wrote:
> If you have parameters in the query, % is used as placeholder prefix.
> You must use %% to include a literal % in the query:
>
> In [14]: cur.execute("""select email_address from customer where
> email_address like '%%' || %s || '%%'""", ('matt',))
>
> or you can add the % to the value instead of the query:
>
> In [17]: cur.execute("""select email_address from customer where
> email_address like %s""", ('%matt%',))
Thanks so much! I'm using the first solution, so that I can just
extract user-submitted data and pass it right in, rather than
prepending and appending '%' on the user data.
Matt
--
W. Matthew Wilson
matt(at)tplus1(dot)com
http://tplus1.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Federico Di Gregorio | 2012-05-29 06:28:58 | Re: How do I use parameterized queries with LIKE? |
| Previous Message | P. Christeas | 2012-05-28 22:44:26 | Re: How do I use parameterized queries with LIKE? |