[Tutor] Cleaning up input before inserting into MySQL.

Adam Cripps kabads at gmail.com
Sat Mar 25 09:11:06 CET 2006


I have a textarea which collects text and other characters. I'm
attempting to put this into a MySQL database. See code at [1].

However, if I use any type of quotes (either single or double) then it
prematurely closes the SQL statement, and I get an error:

ProgrammingError: (1064, "You have an error in your SQL syntax. Check
the manual that corresponds to your MySQL server version for the right
syntax to use near 'test'', '44')' at line 1")

How do I insert these quotes without it closing the SQL statement prematurely?
TIA

Adam

[1]
def insert(statement):
    mycursor.execute(statement)

statement  = """insert into report (title, content, author) values
('""" + str(times.getvalue('title')) + """', '""" +
str(times.getvalue('content')) + """', '""" +
str(times.getvalue('pupil')) + """')"""

insert(statement)

--
http://www.monkeez.org
PGP key: 0x7111B833
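
An added example, not part of the original post: the string-concatenation pattern from [1] beside a parameterized insert, where the values are passed to the driver separately from the SQL text. It uses Python's built-in sqlite3 as a stand-in so it runs offline; with MySQLdb the placeholder is %s rather than ?, and the call is mycursor.execute(sql, params). The form values and function names are constructed for illustration.

```python
import sqlite3

# Constructed sample input: textarea values containing both quote styles.
SAMPLE_FORM = {
    "title": "Adam's test",
    "content": 'He said "it\'s a test"',
    "pupil": "44",
}

def make_db():
    """In-memory stand-in for the report table named in the post."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table report (title text, content text, author text)")
    return conn

def insert_concatenated(conn, form):
    """The pattern from the post: values pasted into the SQL text."""
    statement = ("insert into report (title, content, author) values ('"
                 + str(form["title"]) + "', '"
                 + str(form["content"]) + "', '"
                 + str(form["pupil"]) + "')")
    conn.execute(statement)

def insert_parameterized(conn, form):
    """SQL text holds only placeholders; the driver handles the quoting."""
    conn.execute(
        "insert into report (title, content, author) values (?, ?, ?)",
        (form["title"], form["content"], form["pupil"]),
    )
    conn.commit()

def demo():
    """Return (error from the concatenated insert, rows stored afterwards)."""
    conn = make_db()
    concat_error = None
    try:
        insert_concatenated(conn, SAMPLE_FORM)
    except sqlite3.Error as exc:
        concat_error = exc  # the quote in the title ends the literal early
    insert_parameterized(conn, SAMPLE_FORM)
    rows = conn.execute("select title, content, author from report").fetchall()
    return concat_error, rows

if __name__ == "__main__":
    error, rows = demo()
    print("concatenated insert failed:", error)
    print("parameterized insert stored:", rows)
```

The same separation is what keeps user-supplied text from being interpreted as SQL, so it addresses both the syntax error and SQL injection.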

