On Sat, 1 Jan 2005 16:15:08 -0000, Peter Mott <[EMAIL PROTECTED]> wrote:
> >
> > Andy Dustman wrote:
> > > On Fri, 31 Dec 2004 18:53:52 -0800, Robert Brewer <[EMAIL PROTECTED]>
> > > No. With MySQL, at least, the only meta-characters it cares about in
> > > strings passed to it are single-quote ('), backslash (\), and NUL
> > > (zero-byte), and all of these can be escaped with backslash, and there
> > > is an API function to do this safely.
>
> That's nice. What is this API function?
mysql_real_escape(). It's a MySQL API function., and if you're using
MySQLdb, it's used internally; end-users never need to call it.
--
Computer interfaces should never be made of meat.
Using GMail? Setting Reply-to address to <> disables this annoying feature.
_______________________________________________
DB-SIG maillist - [email protected]
http://mail.python.org/mailman/listinfo/db-sig
