sql python上查询字符串位置的动态绑定
dict中的我的查询字符串用于筛选WHERE子句上的数据sql python上查询字符串位置的动态绑定,python,mysql,sql,Python,Mysql,Sql,dict中的我的查询字符串用于筛选WHERE子句上的数据 parameters = { "manufacuturerId": "1", "fileName": "abc1234 ", "categoryName": "normal" } 和SQL查询为: fileSql = "select * from file_table as a left join category_table as b on a.fId
parameters =
{
"manufacuturerId": "1",
"fileName": "abc1234 ",
"categoryName": "normal"
}
和SQL查询为:
fileSql = "select * from file_table as a
left join category_table as b
on a.fId = b.fId
left join manufacturer_table as c
on c.mId = a.mId
where c.manufacturerId = %(manufacturerId)s and
a.file_name = %(fileName)s and
b.name = %(categoryName)s ;"
cursor.execute(fileSql,(parameters))
这可以很好地使用参数化查询将dict的值绑定到基于键的SQL查询
但如果我的查询字符串更改为
{
"manufacuturerId": "1",
"fileName": "abc1234 "
}
然后密码就会消失
唯一的ManufactureRid是must,而others键值对是进一步筛选的可选项
如何优化代码?简单明了的答案是动态构建查询,即:
fileSql = """
select * from file_table as a
left join category_table as b on a.fId = b.fId
left join manufacturer_table as c on c.mId = a.mId
where c.manufacturerId = %(manufacturerId)s
"""
if "fileName" in parameters:
fileSql += " and a.file_name = %(fileName)s "
if "categoryName" in parameters:
fileSql += " and b.name = %(categoryName)s "
请注意,这仍然不是最优的,因为即使在不需要连接的情况下,我们也会将连接保留在category_表上。通过动态构建from子句也可以以类似的方式解决这一问题,如果您的项目中只有几个这样的情况,这也没关系-但大多数情况下,数据库drievn应用程序需要大量的动态查询,并且使用纯字符串手动构建它们很快会变得单调乏味且容易出错,所以你可能想看看脑海中出现的ORM Peewee能为你做些什么