Strings: double versus single quotes
On 24/05/20 5:43 PM, Frank Millman wrote:
> On 2020-05-23 9:45 PM, DL Neil via Python-list wrote:
>> My habit with SQL queries is to separate them from other code, cf the
>> usual illustration of having them 'buried' within the code,
>> immediately before, or even part of, the query call.
> I like that idea, as I find that I am embedding more and more SQL in my
> How do you handle parameters? Do you leave placeholders ('?' or '%s') in
> the query, and leave it to the 'importer' of the query to figure out
> what is required?
Yes. Most "connector" software includes a feature which auto-magically
escapes all variable-data - a valuable safety feature!
I've been experimenting by going further and providing app.devs with
functions/methods, a mini-API if you will. Given that many?most don't
like having to deal with SQL, the extra 'insulation' boosts my personal
(and I need as much of that as I can get!)
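
The approach discussed in this thread (queries kept apart from other code with '?' placeholders left in, wrapped in a small function API), as an added example that is not part of the original post. The table, function names and sample data are constructed for illustration, and the standard-library sqlite3 module stands in for whichever connector is in use.

```python
import sqlite3

# Queries live together, apart from application code, with placeholders left
# in. sqlite3 uses the '?' (qmark) style; some other connectors use '%s'.
SQL_CREATE = "CREATE TABLE customer (id INTEGER PRIMARY KEY, name TEXT NOT NULL)"
SQL_INSERT = "INSERT INTO customer (name) VALUES (?)"
SQL_FIND_BY_NAME = "SELECT id, name FROM customer WHERE name = ?"


def open_db():
    """Create an in-memory database so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SQL_CREATE)
    return conn


def add_customer(conn, name):
    """Mini-API call: the caller passes data and never touches SQL."""
    return conn.execute(SQL_INSERT, (name,)).lastrowid


def find_customer(conn, name):
    """The connector binds 'name' as a value; it is never parsed as SQL."""
    return conn.execute(SQL_FIND_BY_NAME, (name,)).fetchall()


def find_customer_formatted(conn, name):
    """For contrast only: the value is pasted into the SQL text itself."""
    sql = "SELECT id, name FROM customer WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def demo():
    conn = open_db()
    add_customer(conn, "O'Brien")   # constructed sample data
    add_customer(conn, "Smith")
    quoted = "x' OR '1'='1"         # constructed input containing quotes
    print(find_customer(conn, "O'Brien"))            # apostrophe is just data
    print(find_customer(conn, quoted))               # no such name: no rows
    print(len(find_customer_formatted(conn, quoted)))  # condition rewritten
    try:
        find_customer_formatted(conn, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("formatted query broke on an ordinary name:", exc)


if __name__ == "__main__":
    demo()
```
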