[ANN] istring 1.0.1 released; announce list created
Skip Montanaro
skip at pobox.com
Wed Mar 6 09:58:51 EST 2002
Duncan> I vote for (3):
Duncan> db.query("""SELECT foo, bar
Duncan> FROM %(table)s
Duncan> WHERE rsrc_id = %(rsrc_id)s
Duncan> AND name = '%(name)s'" % vars())
Which will work most of the time, but fail if name contains any apostrophes.
As was mentioned before, that's why the DB API supports a query method that
does its own variable interpolation. Different databases quote things in
different ways.
--
Skip Montanaro (skip at pobox.com - http://www.mojam.com/)
More information about the Python-list
mailing list