On Mon, 2006-02-13 at 13:18, MooMaster wrote: > Lol, that was a copy paste error into the post on my part...but the > problem has been fixed. Turns out that there was a string.replace call > somewhere else in the code that replaced all single quotes with empty > strings, which thus caused the singe quotes to disappear! Whoops!
Please do yourself a favor and make use of the fact that Python's database API allows parametrized queries. Here's a sketch of what that might look like: sql = 'INSERT INTO prime.utwsLOT VALUES (:kID, etc...)' curse = self.connection.cursor() curse.execute(sql, kID=self.kID, etc...) Of course, "etc..." would have to be replaced with additional placeholders and parameter values for all the columns in utwsLOT. By using parametrized queries, you don't have to worry about any of the supplied values requiring special treatment due to any quotation marks or apostrophes that might they might contain. Hope this helps, Carsten. -- http://mail.python.org/mailman/listinfo/python-list
