![](/img/trans.png)
[英]How to calculate if age is in range from the birth year ,while fetching the birth year from Db in Django ORM
[英]Django : How to use LIKE while fetching data from mysql DB
我需要一種使用Django的LIKE從數據庫中獲取類似記錄的方法。 我的代碼是:
def fetchProductsDate1(request):
query = request.session.get('query')
date1 = request.session.get('date1')
db = pymysql.connect(host=host,user=user,passwd=passwd,db=dbName)
# Create a Cursor object to execute queries.
cur = db.cursor()
# Select data from table using SQL query.
stmt = "SELECT FSN FROM tab WHERE query LIKE '%s' AND DATE(updated_at) LIKE '%s' " % (query.replace("'", r"\'"), date1)
log.info(stmt)
cur.execute(stmt)
rows = cur.fetchall()
json_data = rows[0][0]
db語句如下所示:
SELECT num FROM tab WHERE query LIKE 'soch sarees' AND DATE(updated_at) LIKE '2018-11-14'
我希望聲明像:
SELECT num FROM tab WHERE query LIKE '%soch sarees%' AND DATE(updated_at) LIKE '2018-11-14'
任何幫助都將非常好:)
謝謝。
您可以使用%%
來做到這一點
stmt = "SELECT FSN FROM tab WHERE query LIKE '%%%s%%' AND DATE(updated_at) LIKE '%s' " % (query.replace("'", r"\'"), date1)
這會給我們
從選項卡中選擇FSN,在其中查詢類似'%soch sarees%'和DATE(updated_at)類似'2018-11-14'
另外,我認為連接這樣的參數是一種不好的做法,這為SQL注入打開了道路
您可以嘗試:
select_stmt = "SELECT FSN FROM tab WHERE query LIKE '%%%(name)%%%' AND DATE(updated_at) LIKE '%(date)%'"
cursor.execute(select_stmt, { 'name': 'soch sarees','date':'2018-11-14' })
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.