In message <784h2cf1kem0...@mid.uni-berlin.de>, Diez B. Roggisch wrote:
> Lawrence D'Oliveiro wrote:
>
>> In message <mailman.766.1243354300.8015.python-l...@python.org>, Dennis
>> Lee Bieber wrote:
>>
>>> Notice that db.literal() call? That's part of the mechanism used to
>>> escape and quote parameters -- it only returns strings that are safe for
>>> insertion into the SQL statement.
>>
>> Does it deal with "like"-wildcards?
>
> Why shouldn't it?
>
> cursor.execute("select * from table where column like %s", "%name%")
What if the string you're searching for includes a "%" or "_" character?
--
http://mail.python.org/mailman/listinfo/python-list
