Hi;
I have this code:
sql = 'insert into personalDataKeys values (%s, %s, %s)' % (store, user,
', %s'.join('%s' * len(col_vals))
cursor.execute(sql, col_vals)Is this open to injection attacks? If so, how correct? TIA, beno
-- http://mail.python.org/mailman/listinfo/python-list
