home > db.query


Other languages: 简体中文


You want to perform advanced SQL statements like joins or counts.


webpy doesn’t try to build layers between you and your database. Rather, it tries to make it easy to perform common tasks, and get out of your way when you need to do more advanced things. Performing advanced database queries is no different. For example:

import web

db = web.database(dbn='postgres', db='mydata', user='dbuser', pw='')

results = db.query("SELECT COUNT(*) AS total_users FROM users")
print results[0].total_users # -> prints number of entries in 'users' table

or, for a JOIN example:

results = db.query("SELECT * FROM entries JOIN users WHERE entries.author_id = users.id")

To prevent SQL injection attacks, db.query also accepts the vars syntax as described in db.select:

results = db.query("SELECT * FROM users WHERE id=$id", vars={'id':10})

This will escape user input, if you’re trusting them for the id variable.