See sanitized sql query

Question

The advised way to run a parameterized query with psycopg2, if I understand correctly, is to use the second argument to the execute method:

SQL = "INSERT INTO authors (name) VALUES (%s);"
data = ("O'Reilly", )
cur.execute(SQL, data)

This will sanitize the data, do quoting, etc. That's great. Less great is it appears to be opaque; it seems to be a black box that modifies my code. I'd like to see what the actual query sent to the database is. Is there some way to see that?

snakecharmerb · Accepted Answer · 2021-10-12T06:02:30.983

3

You can use the cursor.mogrify method to print the query with interpolated values:

>>> conn = psycopg2.connect(database='test')
>>> cur = conn.cursor()
>>> cur.mogrify('SELECT foo, bar, baz FROM quux WHERE a = %s', (42,))
b'SELECT foo, bar, baz FROM quux WHERE a = 42'

Note that this is a psycopg2-specific method - it won't work for other DB-API connectors.

edited Oct 12 '21 at 06:02

answered Oct 07 '21 at 04:45

snakecharmerb

47,570
11
100
153

See sanitized sql query

1 Answers1