[英]Postgresql & Psycopg2 unable to properly select data between two dates
I created an API service that returns ticker,rate and date as JSON, But when i'm trying to select multiple parameters, it doesn't works properly like here is an example,lets say end_at
= 2010-05-10
and start_at
= 2010-05-15
:
數據庫 model:
class Currency(Base):
__tablename__ = "currency"
ticker = Column(String)
date = Column(Date)
rates = Column(JSONB, primary_key=True)
更新了 Mike Orgenek 回答的查詢代碼:
if end_at and start_at:
currency = cursor.execute("""
SELECT rates,date,ticker
FROM currency
WHERE ticker = %s
AND date BETWEEN SYMMETRIC %s AND %s """, (base, start_at, end_at, ))
打印start_at
= 2010-05-10
& end_at
= 2010-05-15
的查詢后
Out: 2020-07-04T09:32:30.898337+00:00 app[web.1]: b"\n SELECT rates,date,ticker\n FROM currency\n WHERE ticker = 'EUR'\n AND date BETWEEN SYMMETRIC '2010-05-10' AND '2010-05-15' "
即使使用正確的查詢,它也無法識別我的start_at
參數FULL API Output
它包括早於start_at
的日期,例如"2010-01-28"
、 "2010-01-07"
、 "2010-04-16"
請參數化您的查詢以避免 SQL 注入攻擊。
if end_at and start_at:
currency = cursor.execute("""SELECT rates,date,ticker
FROM currency
WHERE ticker = %s
AND date BETWEEN SYMMETRIC %s AND %s """, (base, start_at, end_at, ))
print(cursor.query) # <--- This should log the complete query sent to the db server
要診斷手頭的問題,請執行以下操作以查看您發送的內容,但在將所有execute()
調用更改為參數化表單之前,不要讓您的應用程序生效。
if end_at and start_at:
query = f"""SELECT rates,date,ticker
FROM currency
WHERE ticker = '{base}'
AND date BETWEEN SYMMETRIC '{start_at}' AND '{end_at}' """
print(query)
currency = cursor.execute(query)
在修復查詢以使用參數后,要查看查詢中發送到服務器的內容,請使用LoggingConnection
作為現有psycopg2.Connection
的替代品,如如何使用 Psycopg2 的 LoggingConnection? .
import logging
import psycopg2
from psycopg2.extras import LoggingConnection
logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger(__name__)
conn=psycopg2.connect(connection_factory=LoggingConnection, database='some_database')
conn.initialize(logger)
c = conn.cursor()
c.execute("select count(*) from some_table where id > %s", (1000, ))
使用我的基本配置,日志會轉到控制台:
DEBUG:__main__:b'select count(*) from some_table where id > 1000'
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.