Is parameterized SQL not supported by Dremio?

With other mysql databases, something like this works:

import pyodbc
cnxn = pyodbc.connect('DRIVER={SQL Server};SERVER=localhost;DATABASE=testdb;UID=me;PWD=pass')

cursor = cnxn.cursor()

    select user_id, user_name
      from users
     where last_logon < ?
       and bill_overdue = ?
""", [, 1, 1), 'y'])

(This is straight out of the pyodbc docs)

But after extensive tinkering try to get the dremio odbc to work I keep on getting an error: pyodbc.ProgrammingError: ('The SQL contains 0 parameter markers, but 2 parameters were supplied', 'HY000')
I’ve tried every formatting specified in PEP249 with no luck. I’ve tried pandas and removed it with no luck.


Currently we do not support parameterized SQL


Is this a limitation specific to ODBC, or does this apply to JDBC also?


Currently we do not support parameterized SQL in JDBC also



Any update on parameterized SQL?

Hi @preetigupta

Not yet, we do not have that feature in the product yet


Thanks for quick reply. Would you recommend any alternate way to avoid possible SQLInjection attack?

Best regards,

Any update on parameterisation support in JDBC and ODBC?

Hi @spireite Not yet, currently it is not prioritized and certainly in the backlog to be picked up later

are you planning opensource jdbc driver?
we can contributing about it

Hi @dacopan I have checked with the right folks and someone will get back on this post

Hi @balaji.ramaswamy ,

Please can you let us know if there are any alternate way to avoid possible SQL Injection attack?

@preetigupta please let me know if you had find any alternate way?