1

I have trouble executing a SQL-statement from Python because of the " " in the selection. I think I've tried every combination, but can't figure it out. Can you please help me?

cnxn = pyodbc.connect("DRIVER={Microsoft Access Driver (*.mdb)};DBQ=c:\\python33\salesdb.mdb")
cursor = cnxn.cursor()
v_sql = "SELECT DISTINCT tblSeller.ID, tblSeller.Navn FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID WHERE (((tblSeller.Name)="Robert Smith" ))"
cursor.execute(v_sql)

The problem is the " around Robert Smith in the SQL.

Improve this question

3 Answers 3

Reset to default
2

You would escape the quotes or use a different quoting style. Single quotes would do here, for example.

Using single quotes:

v_sql = 'SELECT DISTINCT tblSeller.ID, tblSeller.Navn FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID WHERE (((tblSeller.Name)="Robert Smith" ))'

Using escaping:

v_sql = "SELECT DISTINCT tblSeller.ID, tblSeller.Navn FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID WHERE (((tblSeller.Name)=\"Robert Smith\" ))"

or you can use triple quotes (one of ''' or """); these allow for easy multi-line strings as newlines are allowed and included in the final string value:

v_sql = """
SELECT DISTINCT tblSeller.ID, tblSeller.Navn 
FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID
WHERE (((tblSeller.Name)=\"Robert Smith\" ))
"""
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I'm really impressed! Thanks!
2

Try mixing with single quotes:

v_sql = "SELECT DISTINCT tblSeller.ID, tblSeller.Navn FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID WHERE (((tblSeller.Name)='Robert Smith' ))"

or

v_sql = 'SELECT DISTINCT tblSeller.ID, tblSeller.Navn FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID WHERE (((tblSeller.Name)="Robert Smith" ))'

In python strings can either be quoted with a doublequote " or a singlequote '. This is very usefull in these cases.

Improve this answer

Comments

2

In Python you can create string using ' or " as other says.

But in this case I would like to propose using PreparedStatement instead of simple query. Such PreparedStatement uses ? in place of arguments and arguments are simply array:

v_sql = "SELECT DISTINCT tblSeller.ID, tblSeller.Navn FROM tblResult INNER JOIN tblSeller ON tblResult.SellerID = tblSeller.ID WHERE (((tblSeller.Name)=?))"
rs = c.execute(v_sql, ["Robert Smith", ])

PreparedStatements have many advantages: they are simpler to database engines to parse, and cache query plans, they are SQLInjection attacks safe etc.

Improve this answer

3 Comments

WOW! Even an answer to something I wouldn't dream of existed. Thanks!
Why do you need to add the , after Robert Smith? Does it also take another argument?
Yes, it is "open" array, list or tuple ("Robert Smith", ) and you can add more elements. They can be of different types. For tuples with one element , is obligatory and I use it also for lists with one element.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.