MySQLdb, escaping values

[Skip Montanaro]

    Dave> I can't seem to find a method to escape strings for MySQL in the
    Dave> MySQLdb library though.

The library takes care of it for you automatically.  Something like:

    db = MySQLdb.Connection(...)
    n = raw_input("Enter a name: ").strip()
    curs = db.cursor()
    print curs.execute("select * from people where name = %s", (n,))

Note that the second arg must be a tuple, even if you are only passing a
single parameter.

Skip