escape string to store in a database?

andrei.avk at gmail.com andrei.avk at gmail.com
Sat Mar 15 05:18:50 CET 2008


On Mar 14, 1:36 am, Dennis Lee Bieber <wlfr... at ix.netcom.com> wrote:
> On Thu, 13 Mar 2008 19:55:27 -0700 (PDT), andrei.... at gmail.com declaimed
> the following in comp.lang.python:
>
>
>
> > Thanks for the reply, Carsten, how would this work with UPDATE
> > command? I get this error:
>
> >         cmd = "UPDATE items SET content = ? WHERE id=%d" % id
>
>                 cmd = "update items set content = ? where id = ?"
>
> >     self.cursor.execute(cmd, content)
>
>                 self.cursor.execute(cmd, (content, id))
>
> would be the preferred method...

Thanks very much - this works perfectly -ak

>
> --
>         Wulfraed        Dennis Lee Bieber               KD6MOG
>         wlfr... at ix.netcom.com               wulfr... at bestiaria.com
>                 HTTP://wlfraed.home.netcom.com/
>         (Bestiaria Support Staff:               web-a... at bestiaria.com)
>                 HTTP://www.bestiaria.com/




More information about the Python-list mailing list