MySQLdb insert HTML code error

Anatoli Hristov tolidtm at
Tue Dec 11 08:41:27 CET 2012

>    First thing -- DON'T put quotes around the %s place-holders... The
> whole purpose of using the parameterized .execute() is to let the
> database adapter properly escape the parameters before putting them into
> the SQL (since MySQL didn't have prepared statements before v5, it was
> producing full SQL statements for each insert, even with .executemany()
> )

Thank you, this solved my problem.:)

More information about the Python-list mailing list