Another MySQL Problem

[Paul Rubin]

Stephen Hansen <me+list/python at ixokai.io> writes:
>On 6/23/10 6:45 AM, Victor Subervi wrote:
>>   cursor.execute('select clientEmail from clients where client=%s', ...
> Do, 'client.replace("_", " ")' instead.

Er, look what happened to Little Bobby Tables (a quick web search on his
name should find his story) because someone wrote code like that.
Really, write the code a different way, with a prepared query.