堆栈内存溢出
  简体   繁体   English

从数据帧创建逗号分隔列表以传递到 SQL 查询时出错

[英]Error while creating comma separated list from data-frame to pass into SQL query

 原文  2020-07-01 07:57:07       python/ pandas/ dataframe

问题描述

I am trying to create a comma separated list to pass SQL query.我正在尝试创建一个逗号分隔的列表来传递 SQL 查询。

my code我的代码

sql1 = '''select carrier_name, carrier_account, invoice_number, invoice_amount, currency, invoice_date
from invoice_summary where invoice_number in {}'''.format(tuple(data1['invoice_number'].values.tolist()))

Current Output当前Output

    "select carrier_name, carrier_account, invoice_number,
 invoice_amount, currency, invoice_date\nfrom invoice_summary where invoice_number in ('BHX3327983',)"

Expected Output "预计 Output "

select carrier_name, carrier_account, invoice_number,
     invoice_amount, currency, invoice_date\nfrom invoice_summary where invoice_number in ('BHX3327983')"

I am looking for a solution that works when there is single input or there mutliple inputs to be passed.我正在寻找一种在有单个输入或要传递多个输入时有效的解决方案。

Whats wrong in my code.我的代码有什么问题。

2 个解决方案

解决方案1
 1 已采纳  2020-07-01 08:06:33

Try using join and put the parenthesis inside the string:尝试使用join并将括号放在字符串中:

sql1 = '''select carrier_name, carrier_account, invoice_number, invoice_amount, currency, invoice_date
from invoice_summary where invoice_number in ({})'''.format(','.join(["'{}'".format(x) for x in data1['invoice_number']]))

Update更新

You could use the DataFrame.empty property to conditionally set the value of the sql statement.您可以使用DataFrame.empty属性有条件地设置 sql 语句的值。 If data1 is empty, then set your WHERE clause to something that is False, eg 1 = 0 :如果data1为空,则将WHERE子句设置为 False,例如1 = 0

if data1.empty:
    sql1 = '''select carrier_name, carrier_account, invoice_number, invoice_amount, currency, invoice_date
              from invoice_summary where 1 = 0'''
else:
    sql1 = ('''select carrier_name, carrier_account, invoice_number, invoice_amount, currency, invoice_date
              from invoice_summary where invoice_number in ({})'''
            .format(','.join(["'{}'".format(x) for x in data1['invoice_number']])))

解决方案2
 0  2020-07-01 08:31:59

To avoid SQL-injection you could use this:为避免 SQL 注入,您可以使用以下命令:

invoice_nums_list = data1['invoice_number'].values.tolist()

sql1 = '''select carrier_name, carrier_account, invoice_number, invoice_amount, currency, invoice_date from invoice_summary where invoice_number in ''' + 
       '(' + ','.join('%s' for i in range(len(invoice_nums_list))) + ')'

print(sql1)

cursor.execute(sql1, params=tuple(invoice_nums_list))

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何将数据框列中的数字转换为逗号分隔 - How to transform numbers in data-frame column to comma separated 翻译 pandas 中的数据框列时出错:IndexError:列表索引超出范围 - Error while translating the data-frame column in pandas : IndexError: list index out of range 从列表创建数据框时出现内存错误 - Memory Error while creating Data frame from list Python:从查询创建逗号分隔的字符串 - Python: creating a comma separated string from a query 迭代时使用来自不同行的值的数据框 - Data-frame using values from different rows while iterating 根据列表的内容从数据框中选择列 - Selecting columns from a data-frame based on contents of a list 根据作为条件的值列表从数据框中删除一行 - remove a row from data-frame based on list of values as condition 在创建事务数据框时遇到问题 - Having problems creating a transaction data-frame 将数据框转换为python中的列表列表 - convert data-frame into lists of list in python 将数据框日期索引复制到列表中 - Copy data-frame date index into a list
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM