formating query with empty parameter

Peter Otten __peter__ at
Mon May 25 18:45:26 CEST 2009

Pet wrote:

> On May 25, 2:50 pm, Peter Otten <__pete... at> wrote:

>> cursor.execute(query, *values) # wrong
> as far as I know it is not wrong, at least for pyPgSQL it takes values
> and escapes properly preventing sql injections

If so replace "# wrong" with "# superfluous" ;)


More information about the Python-list mailing list