这是下面的代码
public void GetFontLibrary()
{
SharpDX.DirectWrite.Factory factory = new SharpDX.DirectWrite.Factory();
var fontCollection = factory.GetSystemFontCollection(false);
var familCount = fontCollection.FontFamilyCount;
for (int i = 0; i < familCount; i++)
{
var fontFamily = fontCollection.GetFontFamily(i);
var familyNames = fontFamily.FamilyNames;
int index;
if (!familyNames.FindLocaleName(CultureInfo.CurrentCulture.Name, out index))
{
if (!familyNames.FindLocaleName("en-us", out index))
{
index = 0;
}
}
string name = familyNames.GetString(index);
FontList.Add(name);
}
}
输出:
pythonlist = ['Name','Mno']
datalist = ["qwerty",'234']
sql = "SELECT " + ",".join(pythonlist) + " FROM data WHERE name = '"+ "','".join(datalist) + "' INTO OUTFILE filename"
print(sql)
期望的输出:
SELECT Name,Mno FROM data WHERE Name= 'qwerty','234'
请注意删除了“ mno”中的引号。
之所以这样做,是因为列名及其对应的值会经常更改
答案 0 :(得分:0)
尝试一下:
data = {'Name': 'qwerty' , 'Mno' : '234'}
sql = "SELECT " + ", ".join(data.keys()) + " FROM data WHERE " + str(list(data.keys())[0]) + " = '" + \
str(data[list(data.keys())[0]]) + "' and " +\
str(list(data.keys())[1]) + " = " + str(data[list(data.keys())[1]])
print(sql)
答案 1 :(得分:0)
代码:
queryparams = {'Name': 'qwerty', 'Mno': '234'}
and_clause = []
[and_clause.append(' %s = %s ') for k,v in queryparams.items()]
and_clause_str = ' and '.join(and_clause)
sql = 'SELECT %s FROM data WHERE ' + and_clause_str
params = [','.join(queryparams.keys())]
for k,v in queryparams.items():
params.append(str(k))
params.append(str(v))
print(sql)
print(params)
cursor.execute(sql, params=tuple(params))
如果您将10/20的更多项目添加到dictionary,则此方法有效。
以及防止SQL-injection
:使用params
而不是string-concatenation
传递值。