QuoteSQL
Lawrence D'Oliveiro
ldo at geek-central.gen.new_zealand
Mon Sep 25 19:12:12 EDT 2006
In message <mailman.560.1159188345.10491.python-list at python.org>, Steve
Holden wrote:
> When you use the DB API correctly and parameterise your queries you still
> need to quote wildcards in search arguments, but you absolutely
> shouldn't quote the other SQL specials.
>
> That's what parameterised queries are for in the first place...
So you're suggesting I quote the wildcards, then rely on autoquoted
parameters to handle the rest? Unfortunately, that's stupid mistake number
2.