This question already has an answer here:
I am running a script through python that inserts data into a database. I can insert several rows; however, if I try to insert a row that has a single quote in it, it gives me an error:
sName = "Jim O'Connor"
returns the error:
ProgrammingError: ('42000', "[42000] [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''Jim O'Connor')'. (-3100) (SQLExecDirectW)")
I have tried to use the replace function, but it never turns out quite how I need it to.
sName = sName.replace("'","'")
returns Jim O'Connor
and
sName = sName.replace("'","\'")
returns Jim O\'Connor
What I need is Jim O'Connor
Thanks in advance!
Update: The article posted as an effort to mark this as a duplicate in no way answers the question of why I am getting this error. It is a question on parameterization (which I did not ask about). Although I understand that the answer may be to use parameters, asking why an escaped SQL statement is not working is entirely different then asking how to parameterize. I will review the article to determine if using parameters fixes the issue.
Aucun commentaire:
Enregistrer un commentaire