如何在字符串中引用函数参数
How to reference function argument in a string
我有一个函数应该按如下方式查询数据库:
def raw_disc(make):
data_make = pd.DataFrame(disc.queryRedshift(
"""select D.model_slug,
D.cap_engine_id,
D.dealership_id,
D.cash_percentage,
D.cash_post_discount_amount as cash_post
from quotes_site.discounts D join quotes_site.dealerships DLR
on D.dealership_id = DLR.id
where DLR.archived <> 't'
and DLR.suspended <> 't',
-> and DLR.make = "make"
group by 1,2,3,4,5"""))
return data_make
因为查询在三重引号内,所以我无法添加包含在参数 make into 子句中的字符串,其中 DLR.make = "make"
据我所知,在 C 中我会做类似 '%s',$d(记不清了)在 python
中是否有类似的方法
如有任何建议或资源,我们将不胜感激
我想你想要的是这样的:
def raw_disc(make):
data_make = pd.DataFrame(disc.queryRedshift(
"""select D.model_slug,
D.cap_engine_id,
D.dealership_id,
D.cash_percentage,
D.cash_post_discount_amount as cash_post
from quotes_site.discounts D join quotes_site.dealerships DLR
on D.dealership_id = DLR.id
where DLR.archived <> 't'
and DLR.suspended <> 't',
-> and DLR.make = '{0}'
group by 1,2,3,4,5""".format(make)))
return data_make
您已将您的问题标记为 amazon-redshift,并且您的代码显示您正在使用 Pandas。 Pandas 具有将 SQL 查询(或整个 table)的结果读入数据帧的内置功能:
http://pandas.pydata.org/pandas-docs/stable/generated/pandas.read_sql.html
如果您使用与 Redshift 配合使用的 SQLAlchemy,您可以使用 pandas.read_sql 的参数参数和类似的方法:
params : list, tuple or dict, optional, default: None
List of parameters to pass to execute method. The syntax used to pass parameters is database driver dependent. Check your database driver documentation for which of the five syntax styles, described in PEP 249’s paramstyle, is supported. Eg. for psycopg2, uses %(name)s so use params={‘name’ : ‘value’}
示例(假设您安装了 sqlalchemy 和 sqlalchemy-redshift 软件包):
import pandas as pd
from sqlalchemy import create_engine
engine = create_engine('redshift+psycopg2://user:password@xxx.redshift.amazonaws.com:1234/db')
name = 'test'
key = 10
df = pd.read_sql('''SELECT * FROM mytable WHERE name = %(name)s AND key > %(key)s''',
engine,
params={'name': name, 'key': key})
这避免了 SQL injection 的危险,如果您按照其他人的建议自行格式化字符串。
我有一个函数应该按如下方式查询数据库:
def raw_disc(make):
data_make = pd.DataFrame(disc.queryRedshift(
"""select D.model_slug,
D.cap_engine_id,
D.dealership_id,
D.cash_percentage,
D.cash_post_discount_amount as cash_post
from quotes_site.discounts D join quotes_site.dealerships DLR
on D.dealership_id = DLR.id
where DLR.archived <> 't'
and DLR.suspended <> 't',
-> and DLR.make = "make"
group by 1,2,3,4,5"""))
return data_make
因为查询在三重引号内,所以我无法添加包含在参数 make into 子句中的字符串,其中 DLR.make = "make"
据我所知,在 C 中我会做类似 '%s',$d(记不清了)在 python
中是否有类似的方法如有任何建议或资源,我们将不胜感激
我想你想要的是这样的:
def raw_disc(make):
data_make = pd.DataFrame(disc.queryRedshift(
"""select D.model_slug,
D.cap_engine_id,
D.dealership_id,
D.cash_percentage,
D.cash_post_discount_amount as cash_post
from quotes_site.discounts D join quotes_site.dealerships DLR
on D.dealership_id = DLR.id
where DLR.archived <> 't'
and DLR.suspended <> 't',
-> and DLR.make = '{0}'
group by 1,2,3,4,5""".format(make)))
return data_make
您已将您的问题标记为 amazon-redshift,并且您的代码显示您正在使用 Pandas。 Pandas 具有将 SQL 查询(或整个 table)的结果读入数据帧的内置功能:
http://pandas.pydata.org/pandas-docs/stable/generated/pandas.read_sql.html
如果您使用与 Redshift 配合使用的 SQLAlchemy,您可以使用 pandas.read_sql 的参数参数和类似的方法:
params : list, tuple or dict, optional, default: None
List of parameters to pass to execute method. The syntax used to pass parameters is database driver dependent. Check your database driver documentation for which of the five syntax styles, described in PEP 249’s paramstyle, is supported. Eg. for psycopg2, uses %(name)s so use params={‘name’ : ‘value’}
示例(假设您安装了 sqlalchemy 和 sqlalchemy-redshift 软件包):
import pandas as pd
from sqlalchemy import create_engine
engine = create_engine('redshift+psycopg2://user:password@xxx.redshift.amazonaws.com:1234/db')
name = 'test'
key = 10
df = pd.read_sql('''SELECT * FROM mytable WHERE name = %(name)s AND key > %(key)s''',
engine,
params={'name': name, 'key': key})
这避免了 SQL injection 的危险,如果您按照其他人的建议自行格式化字符串。