Python将变量放入sql FROM语句中
嗨,我正在尝试做一个sql语句,我能够在python中给出表和wherePython将变量放入sql FROM语句中,python,sql,Python,Sql,嗨,我正在尝试做一个sql语句,我能够在python中给出表和where SQL = "SELECT * FROM (%s) WHERE team_number=(%s) AND match_number=(%s);" DATA = ('data', 2, 3) cur.execute(SQL, DATA) query = cur.fetchall() 我得到的错误是psycopg2.ProgrammingError:在“'data'”处或附近出现语法错误 和从('data')中选择*,其中团
SQL = "SELECT * FROM (%s) WHERE team_number=(%s) AND match_number=(%s);"
DATA = ('data', 2, 3)
cur.execute(SQL, DATA)
query = cur.fetchall()
psycopg2.ProgrammingError:在“'data'”处或附近出现语法错误从('data')中选择*,其中团队编号=(2)和匹配编号=(3)注意:我正在使用(%s)停止sql注入大多数准备好的语句API(包括Python)不允许将表名或列名作为参数。相反,您必须硬编码表名:
SQL = "SELECT * FROM data WHERE team_number=(%s) AND match_number=(%s);"
DATA = (2, 3)
cur.execute(SQL, DATA)
query = cur.fetchall()
user