In message <[EMAIL PROTECTED]>, Duncan Booth wrote:
> Sybren Stuvel <[EMAIL PROTECTED]> wrote:
>
>> Ok, should have tested it better. This works fine on my machine,
>> though:
>>
>> curs.execute(
>> "select * from details where person_name like ?",
>> ('%' + name + '%', )
>> )
>>
>> Including all sorts of quotes, newlines, backslashes etc. in the name.
>>
> I think his point was that any '%' characters inside name act like
> wildcards whereas his version looked for literal percents.
>
> This could be an argument for having a utility function to escape the
> wildcards for this sort of situation, but certainly not an argument for
> his proposed QuoteSQL.
Why not? That is exactly one of the options my QuoteSQL offers.
--
http://mail.python.org/mailman/listinfo/python-list
