到目前为止,答案一直是将这些值模板化为纯sql字符串。这对于整数绝对没问题,但是如果我们想对字符串执行此操作,则会遇到转义问题。
placeholder= '?' # For sqlite. See DBAPI paramstyle.
placeholders= ', '.join(placeholder for unused in l)
query= 'SELECT name FROM students WHERE id IN (%s)' % placeholders
cursor.execute(query, l)