MySQL One More Again
Victor Subervi
victorsubervi at gmail.com
Fri Jul 16 09:22:31 EDT 2010
Hi;
I have the following code:
cursor.execute('select MyTable from optionsDetails where Store=%s',
(store,))
options_tables = [item[0] for item in cursor]
for table in options_tables:
cursor.execute('select * from %' % table)
You can already see what my question is. One of y'all said it's possible
under certain conditions to use the % without risking attack. Now is when I
need to know how to do that. Please advise.
TIA,
beno
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20100716/3344a485/attachment.html>
More information about the Python-list
mailing list