1

I am using Python 3.5 and PyCharm 2017.3

My code appears as following:

var1 = 'ASD'
var2 = 'ASDPO'
qryPwr = ''.join(['select DATE as "DATE"'
                       ' from Table1 where MKT = ', "'", var1, "'",
                       ' and COMP = ', "'", var2, "'",
                       ' and ppow_vdays = 0'
                       ' and PPOW_SETTLE = ', "'", 'S', "'"])

I get the following for qryPqr:

qryPwr 
'select DATE as "DATE", from Table1 where MKT = \'ASD\' and COMP = \'ASDPO\' and ppow_vdays = 0 and PPOW_SETTLE = \'S\''

So, I have two questions:

(1) Why are there backslashes everywhere?

(2) How do I get rid of them or make my join statement better?

Edit: I want to remove the backslashes from the print statement as when I do the database query using qryPwr it tries to run the query with backslashes and hence errors out.

Marcos Dimitrio
  • 6,651
  • 5
  • 38
  • 62
Zanam
  • 4,607
  • 13
  • 67
  • 143
  • 1
    Try `print qryPwr` to see how the characters are printed - the backlashes are part of special symbols (`'` mostly in your case), and would also appear for any line breaks or tabs (`\n` and `\t` respectively). See [this tutorial](http://www.pitt.edu/~naraehan/python2/tutorial7.html) for more information. – berna1111 Dec 07 '17 at 14:14
  • The error is not caused by those backslashes. Please show us the full error message and stack trace. – Jean-François Corbett Dec 07 '17 at 14:16

2 Answers2

5

There are no backslashes in the variable, they are just in the printed output.

The shell does not print the variable directly, but calls repr() on it. This function

makes an attempt to return a string that would yield an object with the same value when passed to eval()

Usually, repr just wraps strings in quotes:

>>> "abc" # actually calls repr("abc")
'abc'

If your string contains one kind of quotes, it uses the other kind:

>>> "ab'c"
"ab'c"
>>> 'ab"c'
'ab"c'

But your string contains both kinds of quotes. If you would want to specify that in your code, you could either join string literals which each only have one kind (like you did), or escape one kind:

>>> "a\"b'c"
'a"b\'c'
>>> 'a"b\'c'
'a"b\'c'

This escaping is exactly what repr does when you output a string representation of the variable to the command line.

One side note: You are building a SQL query by concatenating fixed parts and (user supplied?) variables. Please don't do that. Please use at least prepared statements, or better a wrapper library like SQLAlchemy. This does not only make it easier to handle database connections, but also much more secure.

YSelf
  • 2,646
  • 1
  • 14
  • 19
  • I have to connect to an existing db using pyodbc. Do you have a basic example of prepared statement implementation? This is the first time I have heard of prepared statements so I am reading through google. – Zanam Dec 07 '17 at 14:29
  • 1
    I think [this answer](https://stackoverflow.com/a/9521382/4681308) is a simple example of the concept with odbc. [This](https://github.com/mkleehammer/pyodbc/wiki/Cursor#executesql-parameters) is the documentation. – YSelf Dec 07 '17 at 14:33
4

The backslashes are in the displayed output, but not in the variable itself, if you print your qryPwr you will see this

>>> qryPwr
'select DATE as "DATE", from Table1 where MKT = \'ASD\' and COMP = \'ASDPO\' and ppow_vdays = 0 and PPOW_SETTLE = \'S\''

>>> print(qryPwr)
select DATE as "DATE", from Table1 where MKT = 'ASD' and COMP = 'ASDPO' and ppow_vdays = 0 and PPOW_SETTLE = 'S'

You will get this if your actual str contains both ' and " characters. For a simpler example:

>>> s = 'a "b" \'c\''
>>> 
>>> s
'a "b" \'c\''
>>>
>>> print(s)
a "b" 'c'
>>> len(s) # as expected, \ characters aren't actually there.
9
Ryan Haining
  • 35,360
  • 15
  • 114
  • 174