Python, SQLAlchemy pass parameters in connection.execute
up vote
13
down vote
favorite
I am using SQLAlchemy connection.execute(sql) to transform select results to array of maps. Have following code
def __sql_to_data(sql):
result =
connection = engine.connect()
try:
rows = connection.execute(sql)
for row in rows:
result_row =
for col in row.keys():
result_row[str(col)] = str(row[col])
result.append(result_row)
finally:
connection.close()
return result
and e.g.
__sql_to_data(sql_get_scan_candidate)But in order to add parameter to sql I am currently using format e.g.
return __sql_to_data(sql_get_profile.format(user_id))Question
How to modify procedure to make possible something like
return __sql_to_data(sql_get_profile,user_id)python sql sqlalchemy parameter-passing
asked Oct 11 '13 at 9:08
Denis
3062312
add a comment |
up vote
13
down vote
favorite
I am using SQLAlchemy connection.execute(sql) to transform select results to array of maps. Have following code
def __sql_to_data(sql):
result =
connection = engine.connect()
try:
rows = connection.execute(sql)
for row in rows:
result_row =
for col in row.keys():
result_row[str(col)] = str(row[col])
result.append(result_row)
finally:
connection.close()
return result
and e.g.
__sql_to_data(sql_get_scan_candidate)But in order to add parameter to sql I am currently using format e.g.
return __sql_to_data(sql_get_profile.format(user_id))Question
How to modify procedure to make possible something like
return __sql_to_data(sql_get_profile,user_id)python sql sqlalchemy parameter-passing
asked Oct 11 '13 at 9:08
Denis
3062312
add a comment |
up vote
13
down vote
favorite
up vote
13
down vote
favorite
I am using SQLAlchemy connection.execute(sql) to transform select results to array of maps. Have following code
def __sql_to_data(sql):
result =
connection = engine.connect()
try:
rows = connection.execute(sql)
for row in rows:
result_row =
for col in row.keys():
result_row[str(col)] = str(row[col])
result.append(result_row)
finally:
connection.close()
return result
and e.g.
__sql_to_data(sql_get_scan_candidate)But in order to add parameter to sql I am currently using format e.g.
return __sql_to_data(sql_get_profile.format(user_id))Question
How to modify procedure to make possible something like
return __sql_to_data(sql_get_profile,user_id)python sql sqlalchemy parameter-passing
asked Oct 11 '13 at 9:08
Denis
3062312
I am using SQLAlchemy connection.execute(sql) to transform select results to array of maps. Have following code
def __sql_to_data(sql):
result =
connection = engine.connect()
try:
rows = connection.execute(sql)
for row in rows:
result_row =
for col in row.keys():
result_row[str(col)] = str(row[col])
result.append(result_row)
finally:
connection.close()
return result
and e.g.
__sql_to_data(sql_get_scan_candidate)But in order to add parameter to sql I am currently using format e.g.
return __sql_to_data(sql_get_profile.format(user_id))Question
How to modify procedure to make possible something like
return __sql_to_data(sql_get_profile,user_id)python sql sqlalchemy parameter-passing
python sql sqlalchemy parameter-passing
asked Oct 11 '13 at 9:08
Denis
3062312
asked Oct 11 '13 at 9:08
Denis
3062312
asked Oct 11 '13 at 9:08
Denis
3062312
asked Oct 11 '13 at 9:08
Denis
3062312
asked Oct 11 '13 at 9:08
Denis
3062312
3062312
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
31
down vote
accepted
The tutorial gives a pretty good example for this:
>>> from sqlalchemy.sql import text
>>> s = text(
... "SELECT users.fullname || ', ' || addresses.email_address AS title "
... "FROM users, addresses "
... "WHERE users.id = addresses.user_id "
... "AND users.name BETWEEN :x AND :y "
... "AND (addresses.email_address LIKE :e1 "
... "OR addresses.email_address LIKE :e2)")
SQL>>> conn.execute(s, x='m', y='z', e1='%@aol.com', e2='%@msn.com').fetchall()
[(u'Wendy Williams, wendy@aol.com',)]
First, take your SQL string and pass it to sqalchemy.sql.text(). This isn't necessary, but probably a good idea...
The advantages text() provides over a plain string are backend-neutral
support for bind parameters, per-statement execution options, as well
as bind parameter and result-column typing behavior, allowing
SQLAlchemy type constructs to play a role when executing a statement
that is specified literally.
Note that even if you didn't use text(), you should NEVER just use sql.format(...). This leads to greater risk of SQL injection attacks.
Next, you can specify the actual arguments using keyword parameters to the execute() function you've already been using.
Now, in your example, you have a function that wraps the execute functionality. So, if you want to use this for multiple queries, you'll need to make the parameters able to receive your arguments. You could do this pretty simple as a dictionary:
def _sql_to_data(sql, values):
...
conn.execute(sql, values)
values would be a dictionary.You could then use your function like this...
sql = 'SELECT ...'
data = 'user_id' : 3
results = _sql_to_data(sql, data)
Using keywords as your parameters is just one way of specifying the arguments to the execute() function. You can read the documentation for that function for a few different ways.
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
3
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
textdoes not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.
– Steven Wade
Jul 12 at 16:49
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you usingbindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.
– Ilja Everilä
Nov 10 at 12:51
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
31
down vote
accepted
The tutorial gives a pretty good example for this:
>>> from sqlalchemy.sql import text
>>> s = text(
... "SELECT users.fullname || ', ' || addresses.email_address AS title "
... "FROM users, addresses "
... "WHERE users.id = addresses.user_id "
... "AND users.name BETWEEN :x AND :y "
... "AND (addresses.email_address LIKE :e1 "
... "OR addresses.email_address LIKE :e2)")
SQL>>> conn.execute(s, x='m', y='z', e1='%@aol.com', e2='%@msn.com').fetchall()
[(u'Wendy Williams, wendy@aol.com',)]
First, take your SQL string and pass it to sqalchemy.sql.text(). This isn't necessary, but probably a good idea...
The advantages text() provides over a plain string are backend-neutral
support for bind parameters, per-statement execution options, as well
as bind parameter and result-column typing behavior, allowing
SQLAlchemy type constructs to play a role when executing a statement
that is specified literally.
Note that even if you didn't use text(), you should NEVER just use sql.format(...). This leads to greater risk of SQL injection attacks.
Next, you can specify the actual arguments using keyword parameters to the execute() function you've already been using.
Now, in your example, you have a function that wraps the execute functionality. So, if you want to use this for multiple queries, you'll need to make the parameters able to receive your arguments. You could do this pretty simple as a dictionary:
def _sql_to_data(sql, values):
...
conn.execute(sql, values)
values would be a dictionary.You could then use your function like this...
sql = 'SELECT ...'
data = 'user_id' : 3
results = _sql_to_data(sql, data)
Using keywords as your parameters is just one way of specifying the arguments to the execute() function. You can read the documentation for that function for a few different ways.
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
3
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
textdoes not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.
– Steven Wade
Jul 12 at 16:49
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you usingbindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.
– Ilja Everilä
Nov 10 at 12:51
add a comment |
up vote
31
down vote
accepted
The tutorial gives a pretty good example for this:
>>> from sqlalchemy.sql import text
>>> s = text(
... "SELECT users.fullname || ', ' || addresses.email_address AS title "
... "FROM users, addresses "
... "WHERE users.id = addresses.user_id "
... "AND users.name BETWEEN :x AND :y "
... "AND (addresses.email_address LIKE :e1 "
... "OR addresses.email_address LIKE :e2)")
SQL>>> conn.execute(s, x='m', y='z', e1='%@aol.com', e2='%@msn.com').fetchall()
[(u'Wendy Williams, wendy@aol.com',)]
First, take your SQL string and pass it to sqalchemy.sql.text(). This isn't necessary, but probably a good idea...
The advantages text() provides over a plain string are backend-neutral
support for bind parameters, per-statement execution options, as well
as bind parameter and result-column typing behavior, allowing
SQLAlchemy type constructs to play a role when executing a statement
that is specified literally.
Note that even if you didn't use text(), you should NEVER just use sql.format(...). This leads to greater risk of SQL injection attacks.
Next, you can specify the actual arguments using keyword parameters to the execute() function you've already been using.
Now, in your example, you have a function that wraps the execute functionality. So, if you want to use this for multiple queries, you'll need to make the parameters able to receive your arguments. You could do this pretty simple as a dictionary:
def _sql_to_data(sql, values):
...
conn.execute(sql, values)
values would be a dictionary.You could then use your function like this...
sql = 'SELECT ...'
data = 'user_id' : 3
results = _sql_to_data(sql, data)
Using keywords as your parameters is just one way of specifying the arguments to the execute() function. You can read the documentation for that function for a few different ways.
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
3
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
textdoes not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.
– Steven Wade
Jul 12 at 16:49
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you usingbindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.
– Ilja Everilä
Nov 10 at 12:51
add a comment |
up vote
31
down vote
accepted
up vote
31
down vote
accepted
The tutorial gives a pretty good example for this:
>>> from sqlalchemy.sql import text
>>> s = text(
... "SELECT users.fullname || ', ' || addresses.email_address AS title "
... "FROM users, addresses "
... "WHERE users.id = addresses.user_id "
... "AND users.name BETWEEN :x AND :y "
... "AND (addresses.email_address LIKE :e1 "
... "OR addresses.email_address LIKE :e2)")
SQL>>> conn.execute(s, x='m', y='z', e1='%@aol.com', e2='%@msn.com').fetchall()
[(u'Wendy Williams, wendy@aol.com',)]
First, take your SQL string and pass it to sqalchemy.sql.text(). This isn't necessary, but probably a good idea...
The advantages text() provides over a plain string are backend-neutral
support for bind parameters, per-statement execution options, as well
as bind parameter and result-column typing behavior, allowing
SQLAlchemy type constructs to play a role when executing a statement
that is specified literally.
Note that even if you didn't use text(), you should NEVER just use sql.format(...). This leads to greater risk of SQL injection attacks.
Next, you can specify the actual arguments using keyword parameters to the execute() function you've already been using.
Now, in your example, you have a function that wraps the execute functionality. So, if you want to use this for multiple queries, you'll need to make the parameters able to receive your arguments. You could do this pretty simple as a dictionary:
def _sql_to_data(sql, values):
...
conn.execute(sql, values)
values would be a dictionary.You could then use your function like this...
sql = 'SELECT ...'
data = 'user_id' : 3
results = _sql_to_data(sql, data)
Using keywords as your parameters is just one way of specifying the arguments to the execute() function. You can read the documentation for that function for a few different ways.
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
The tutorial gives a pretty good example for this:
>>> from sqlalchemy.sql import text
>>> s = text(
... "SELECT users.fullname || ', ' || addresses.email_address AS title "
... "FROM users, addresses "
... "WHERE users.id = addresses.user_id "
... "AND users.name BETWEEN :x AND :y "
... "AND (addresses.email_address LIKE :e1 "
... "OR addresses.email_address LIKE :e2)")
SQL>>> conn.execute(s, x='m', y='z', e1='%@aol.com', e2='%@msn.com').fetchall()
[(u'Wendy Williams, wendy@aol.com',)]
First, take your SQL string and pass it to sqalchemy.sql.text(). This isn't necessary, but probably a good idea...
The advantages text() provides over a plain string are backend-neutral
support for bind parameters, per-statement execution options, as well
as bind parameter and result-column typing behavior, allowing
SQLAlchemy type constructs to play a role when executing a statement
that is specified literally.
Note that even if you didn't use text(), you should NEVER just use sql.format(...). This leads to greater risk of SQL injection attacks.
Next, you can specify the actual arguments using keyword parameters to the execute() function you've already been using.
Now, in your example, you have a function that wraps the execute functionality. So, if you want to use this for multiple queries, you'll need to make the parameters able to receive your arguments. You could do this pretty simple as a dictionary:
def _sql_to_data(sql, values):
...
conn.execute(sql, values)
values would be a dictionary.You could then use your function like this...
sql = 'SELECT ...'
data = 'user_id' : 3
results = _sql_to_data(sql, data)
Using keywords as your parameters is just one way of specifying the arguments to the execute() function. You can read the documentation for that function for a few different ways.
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
edited Jun 2 '17 at 23:28
robert_x44
7,99312235
7,99312235
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
answered Oct 11 '13 at 17:53
Mark Hildreth
27.1k89097
27.1k89097
3
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
textdoes not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.
– Steven Wade
Jul 12 at 16:49
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you usingbindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.
– Ilja Everilä
Nov 10 at 12:51
add a comment |
3
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
textdoes not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.
– Steven Wade
Jul 12 at 16:49
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you usingbindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.
– Ilja Everilä
Nov 10 at 12:51
3
3
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
Thank you, my bad, by some reason I was not able to find this in doc. My only one excuse SQLAlchemy doc is somewhat fragmented with emphasis on ORM.
– Denis
Oct 12 '13 at 10:11
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
One more question - how fetchAll() and then itterating in results data structure relates to for row in rows in terms of memory consumption?
– Denis
Oct 12 '13 at 10:36
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
@Denis: I'm not sure exactly what you mean. Perhaps you should create another StackOverflow question, and try to be more specific about what you are asking.
– Mark Hildreth
Oct 12 '13 at 19:45
text does not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.– Steven Wade
Jul 12 at 16:49
text does not let you create a list of values which is a tremendous downside and often makes it unusable in many of my cases making format the only real way.– Steven Wade
Jul 12 at 16:49
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you using
bindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.– Ilja Everilä
Nov 10 at 12:51
@stevenwade Format is never the real way, unleas you mean formatting the required placeholders for the list values, and SQLAlchemy even does it for you using
bindparam(..., expanding=True). On the other hand some DB-API drivers adapt arrays out of the box to suitable SQL.– Ilja Everilä
Nov 10 at 12:51
add a comment |
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f19314342%2fpython-sqlalchemy-pass-parameters-in-connection-execute%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
