andybrookes...@googlemail.com:

> cursor = self.conn.execute("SELECT * from wiki WHERE one LIKE '%s' "%
>                            self.myString1)

That's really dangerous. See:

   <URL: http://stackoverflow.com/questions/309945/how-to-quote-a-string-value-explicitly-python-db-api-psycopg2>

Now, I don't know if there are any better stdlib ways to quote SQL
strings properly.


Marko
-- 
https://mail.python.org/mailman/listinfo/python-list
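As an added example, not code from this thread, here is the quoted query rewritten with the stdlib sqlite3 module: the string-formatted version beside a parameterised one, which also escapes the LIKE wildcards so user text is matched literally. The wiki table, its one column and the sample rows are constructed to mirror the quoted statement.

```python
import sqlite3

# Constructed sample data, not taken from the original thread.
SAMPLE_ROWS = [
    ("python",),
    ("O'Reilly books",),
    ("100% pure",),
]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wiki (one TEXT)")
    conn.executemany("INSERT INTO wiki (one) VALUES (?)", SAMPLE_ROWS)
    return conn


def search_unsafe(conn, user_string):
    # The quoted pattern: the value is spliced into the SQL text, so any
    # quote character in it changes the statement itself.
    cursor = conn.execute("SELECT * FROM wiki WHERE one LIKE '%s'" % user_string)
    return [row[0] for row in cursor]


def escape_like(value, esc="\\"):
    # Neutralise LIKE wildcards so the user's text is matched literally.
    return (value.replace(esc, esc + esc)
                 .replace("%", esc + "%")
                 .replace("_", esc + "_"))


def search_safe(conn, user_string):
    # Bound parameter: the driver passes the value separately from the SQL,
    # so quotes in it are data, never syntax. ESCAPE covers % and _.
    pattern = "%" + escape_like(user_string) + "%"
    cursor = conn.execute(
        "SELECT * FROM wiki WHERE one LIKE ? ESCAPE '\\'", (pattern,))
    return [row[0] for row in cursor]


def demo():
    # An apostrophe in ordinary input breaks the formatted query but is
    # harmless to the bound one; a literal % is matched, not treated as a wildcard.
    conn = make_db()
    results = {}
    try:
        results["unsafe"] = search_unsafe(conn, "O'Reilly")
    except sqlite3.OperationalError as exc:
        results["unsafe"] = "error: %s" % exc
    results["safe"] = search_safe(conn, "O'Reilly")
    results["wildcard_literal"] = search_safe(conn, "100%")
    return results
```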
