Yes, web2py's executesql when used with placeholders will simply pass the provided query & placeholders on to execute() method of whichever database driver is being used, thus you must use a syntax supported by your driver. In the case of SQLite & MS SQL that syntax is question marks (?) for Postgres it is apparently %s or %(name)s and I think MySQL is the same (I haven't tried yet).
~Brian On Dec 1, 2:29 pm, Richard G <richard.ga...@gmail.com> wrote: > As I understand Web2py passes this off to the database adapter that is > in use (likely psycopg2 in this case). > > Psycopg2 accepts arguments in a couple different forms, using the '%s' > as you identify below, as well as named references with '%(name)s'. > > There are a few caveats when using query parameters that are specific > to psycopg2. More information (with better explanation then I can > provide) is available at:http://initd.org/psycopg/docs/usage.html > > Hope this helps > > On Dec 1, 1:29 am, Chris <partyonais...@gmail.com> wrote: > > > > > > > > > Hey all, > > > I was trying to use executesql with placeholders, based on the > > documentation in source and the mailing list [1]. The syntax on the > > site seems to suggest using question marks, for example: > > > db.executesql("select * from auth_user where id = ?", [4]) > > > I was banging my head against this for a while until I realized that > > the syntax that works is actually: > > > db.executesql("select * from auth_user where id = %s", [4]) > > > (not sure if this is in postgres or everywhere in general.) Is this > > correct, and if so can it be added to the documentation? > > > Thanks! > > > [1]http://groups.google.com/group/web2py/browse_thread/thread/dd01da67ca...