QuoteSQL

[Sybren Stuvel]

Lawrence D'Oliveiro enlightened us with:
>         "select * from details where person_name like"
>         " concat(\"%%\", %s, \"%%\")" \
>     % \
>         QuoteSQL(name, True)

Wouldn't this be a whole lot better?

cursor.execute(
    "select * from details where person_name like ?",
    '%' + name + '%'
)

Sybren
-- 
Sybren Stüvel
Stüvel IT - http://www.stuvel.eu/