It looks like php's implode(sep, seq) is like sep.join(seq) in Python. But this is a lousy way to write database queries. You should use the Python's DB-API interface's execute(statement, parameters) instead. Assuming that paramstyle is 'qmark', I think it ends up looking something like this:
items = query_param.items()
keys = [item[0] for item in items]
values = [item[1] for item in items]
# If the query parameters or the table are under
# user control you must take care to validate them
assert table in permitted_tables
for k in query_param.keys():
assert k in permitted_keys
sql = "INSERT INTO %s (%s) values %s" % (
table, ", ".join(keys),
", ".join(["?"] * len(keys))
)
conn.execute(sql, values)
now you don't have to worry that you get the quoting of the values
absolutely right, since db-api does it for you.
Jeff
pgpAH3nHgcgJw.pgp
Description: PGP signature
-- http://mail.python.org/mailman/listinfo/python-list
