mod_python

Diez B. Roggisch deets at nospam.web.de
Sun Nov 6 19:53:17 EST 2005


> I hate to ask, but what happens when I enter "a, b, c);DROP DATABASE;" as
> the entry for z_name? (Or some similar attempt to close the
> SQL statement and start a new one). I think you want to google for "SQL
> injection" and think about sanitising user input a bit.

And using the parametrized form of cursor.execute() - which I guess is 
easier to do. But you're right of course, too.

Regards,

Diez
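An added example, not part of the thread, showing the difference Diez points to: the input from the quoted question spliced into the SQL text versus bound through the parametrized form of cursor.execute(). It uses Python's sqlite3 module and an assumed table `zones` with a column `z_name`; the unsafe function mirrors the shape of code the question reacts to.

```python
import sqlite3

# Constructed input, taken verbatim from the quoted question: text that tries
# to close the VALUES list and start a second statement.
HOSTILE_NAME = "a, b, c);DROP DATABASE;"


def make_db():
    # Assumed schema for the example; the original thread does not show one.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE zones (z_name TEXT, z_value TEXT)")
    return conn


def insert_unsafe(conn, z_name, z_value):
    # Anti-pattern: user input pasted into the statement text with string
    # formatting. The SQL parser sees whatever the user typed as SQL.
    sql = "INSERT INTO zones (z_name, z_value) VALUES (%s, %s)" % (z_name, z_value)
    conn.execute(sql)


def insert_param(conn, z_name, z_value):
    # Parametrized form: the statement is sent with placeholders and the
    # values are bound separately, so the input can only ever be data.
    conn.execute(
        "INSERT INTO zones (z_name, z_value) VALUES (?, ?)", (z_name, z_value)
    )


def stored_names(conn):
    return [row[0] for row in conn.execute("SELECT z_name FROM zones")]


def demo():
    """Run both insert styles against the hostile input and report the outcome."""
    results = {}
    conn = make_db()
    try:
        insert_unsafe(conn, HOSTILE_NAME, "x")
        results["unsafe"] = "accepted"
    except sqlite3.Error as exc:
        # The input changed the meaning of the statement; sqlite3 rejects it
        # (column-count mismatch or multiple statements), but in a database
        # and driver that allow statement batching it would simply run.
        results["unsafe"] = type(exc).__name__
    conn = make_db()
    insert_param(conn, HOSTILE_NAME, "x")
    results["param"] = stored_names(conn)  # the string is stored literally
    return results


if __name__ == "__main__":
    print(demo())
```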



More information about the Python-list mailing list