Re: [flask] Use psycopg2 directly?
- From:
- Simon Sapin
- Date:
- 2011-12-31 @ 04:02
Le 31/12/2011 03:18, John Mastro a écrit :
> Hello,
>
> Is it possible / reasonable to use psycopg2 directly (via the "g"
> object), without an ORM, similarly to how SQLite is used in, for
> example, Flaskr?
>
> The background is that I'm creating a very small and simple Flask
> application which doesn't do much more than query a (PostgreSQL)
> database and display the results in a table. The application doesn't
> need to understand the data, database independence isn't required, and
> the queries themselves are pretty basic.
>
> I don't see a problem with doing things this way, but I'm new to both
> web application development and working with databases via Python. I've
> looked about online and haven't seen many discussions about or examples
> of people doing things this way, so I thought I'd ask.
>
> Thanks,
>
> John
Hi,
Flask does nothing for database access so it’s entirely possible. As for
reasonable, it depends, but I’d that in your case it is. There certainly
are cases where an ORM is not needed or not appropriate.
Just be careful of SQL injections and do not to build your SQL from
user-input strings. Use parameterized queries instead:
http://stackoverflow.com/a/1471178
Regards,
--
Simon Sapin