亚洲国产日韩欧美一区二区三区,精品亚洲国产成人av在线,国产99视频精品免视看7,99国产精品久久久久久久成人热,欧美日韩亚洲国产综合乱

<p>I'm trying to send a query through Django's Python, and I'm also trying to prevent any SQL injection attacks. <br /><br />Can someone explain how the messaging works? For example, an example of a LIKE query. </p><p><br /></p> <pre class="brush:php;toolbar:false;">"SELECT * FROM admin WHERE name LIKE '%myTitle%'</pre> <p>It's easy to configure queries like this. </p> <p><code>cursor.execute("SELECT * FROM admin WHERE name= %s", (_id, ))</code>;</p> <p>But it is easy to make mistakes by canceling the %% in the text when inserting %s, for example. </p> <pre class="brush:php;toolbar:false;">SELECT * FROM admin WHERE name LIKE %s</pre> <p>When the query completes, it will look like this. </p> <pre class="brush:php;toolbar:false;">SELECT * FROM admin WHERE name 'MyTitle'</pre> <p>It is being implemented correctly, but I want %% to be set between %s and LIKE. </p> <pre class="brush:php;toolbar:false;">SELECT * FROM admin WHERE name '%MyTitle%'</pre> <p>Can someone explain how to solve this problem? <br /><br />My simple script is as follows:</p><p><br /></p> <pre class="brush:php;toolbar:false;">from django.db import connection title = "myTitle" query = "SELECT * FROM admin WHERE name LIKE %s" with connection.cursor() as cursor: cursor.execute(query, (title,))</pre> <p><br /></p>

>>> query = "SELECT * FROM myapp_person WHERE last_name = %s" % lname
>>> Person.objects.raw(query)

title_like = f"%{title}%"
cursor.execute(query, (title_like,))