On Tue, May 25, 2010 at 3:50 AM, Dennis Lee Bieber <wlfr...@ix.netcom.com>wrote:
> On Mon, 24 May 2010 13:37:58 -0400, Victor Subervi > <victorsube...@gmail.com> declaimed the following in > Parameterized queries process the parameters to ensure that they are > safe for use in the SQL statement. > > In the case of the MySQLdb adapter (written to be compatible with > pre-version 5 of MySQL) this means that the parameters are converted to > a string representation (if not already a string), characters in the > parameter that are significant to the MySQL dialect of SQL are safely > escaped, AND the resulting string is WRAPPED in quote marks. > > k. That worked. Thanks! > I suggest you study the SQL standard "like" comparison, and the use > of wildcards with it. Consider a "card catalog" application and how one > would formulate a query in which the author's last name is "Norton", and > the title of the book contains the word "Witch" (the word could be > anywhere within the title). > I understand how to do "like" queries and use wildcards. I didn't understand what you were doing over there, something with %values% or some such. If you care to pick up that thread, fine, otherwise, until the next time. Thanks you as always, Dennis :) beno
-- http://mail.python.org/mailman/listinfo/python-list
