Django Book 翻译
菜单>:
TOC
返回
原文:
``connection`` and ``cursor`` mostly implement the standard Python DB-API (`http://www.python.org/peps/pep-0249.html`_). If youre not familiar with the Python DB-API, note that the SQL statement in ``cursor.execute()`` uses placeholders, ``"%s"`` , rather than adding parameters directly within the SQL. If you use this technique, the underlying database library will automatically add quotes and escaping to your parameter(s) as necessary. (Also note that Django expects the ``"%s"`` placeholder, *not* the ``"?"`` placeholder, which is used by the SQLite Python bindings. This is for the sake of consistency and sanity.)
翻译:
connection and cursor最常被實作,在標準的 Python DB-API (`http://www.python.org/peps/pep-0249.html`_).假如你還不夠熟悉Python DB-API,注意在cursor.execute()SQL 句子。使用placeholders,%s,甚於直接在SQL裏加參數。假如你使用這個技巧,底下的資料庫函式庫將自動的加上引號給你的參數,視需要而定。(也注意Django 期待%splaceholder而不是?placeholder,後者用於SQLite Python連接。這是為了穩定性的考量。
备注:
译者: