使用sqlalchemy connection.execute

sql = text("SELECT users.fullname || ', ' || addresses.email_address AS title FROM users, addresses WHERE users.id = addresses.user_id AND users.name BETWEEN :x AND :y AND (addresses.email_address LIKE :e1 OR addresses.email_address LIKE ：e2）”）将命名参数传递到execute（）函数：

Benefits of Named Parameters

1. Reduced Risk of SQL Injections:

   sql = text("SELECT users.fullname || ', ' || addresses.email_address AS title FROM users, addresses WHERE users.id = addresses.user_id AND users.name BETWEEN :x AND :y AND (addresses.email_address LIKE :e1 OR addresses.email_address LIKE :e2)")

   改进的代码可读性：
名为参数使代码更易读，更易于理解，尤其是在处理复杂的查询时，涉及涉及多个参数的复杂查询。方法
2. 也可以定义一个函数来包装execute函数并接受命名parameters作为字典：

   连接= Engine.connect（） 尝试： 行= Connection.execute（sql，values） ... 最后： Connection.Close（） 返回结果

   在此方法中，可以通过以下方式执行查询：

   conn.execute(sql, {"x": "m", "y": "z", "e1": "%@aol.com", "e2": "%@msn.com"})

   此方法在维护原始代码的核心功能时启用了命名参数的利用。