尝试过类似 cur.execute('SELECT ? FROM translations WHERE imagename = ? ', (target, filename,))但它只是返回 [('de',), ('de',), ('de',), ('de',), ('de',), ('de',)]成为目标 = 'de'
3 回答
DIEA
TA贡献1820条经验 获得超3个赞
不能用于数据库?对象名称,例如表名和列名。允许这样做会带来很大的安全风险。这里的一种解决方法是只为每个逻辑流维护单独的语句,例如
if target == "col1":
cur.execute('SELECT col1 FROM translations WHERE imagename = ?', (filename,))
elif target == "col2":
cur.execute('SELECT col2 FROM translations WHERE imagename = ?', (filename,))
else:
cur.execute('SELECT col3 FROM translations WHERE imagename = ?', (filename,))
当年话下
TA贡献1890条经验 获得超9个赞
通过 SQL 选择整行,然后从结果中获取相关值。就像是:
result = cur.execute('SELECT * FROM translations WHERE imagename = ?', (filename,))
texts = [row[target] for row in result.fetchall()]
添加回答
举报
0/150
提交
取消