Mohit Ranka Mohit Ranka - 5 months ago 44
SQL Question

python list in sql query as parameter

I have a python list, say l

l = [1,5,8]

I want to write a sql query to get the data for all the elements of the list, say

"select name from studens where id = |IN THE LIST l|"

How do i accomlish this?


Answers so far have been templating the values into a plain SQL string. That's absolutely fine for integers, but if we wanted to do it for strings we get the escaping issue.

Here's a variant using a parameterised query that would work for both:

placeholder= '?' # For SQLite. See DBAPI paramstyle.
placeholders= ', '.join(placeholder for unused in l)
query= 'SELECT name FROM students WHERE id IN (%s)' % placeholders
cursor.execute(query, l)