On Fri, 2007-05-25 at 09:51 -0500, Dave Borne wrote: > > I'm trying to run the following query: > ... > > member_id=%s AND expire_date > NOW() AND completed=1 AND (product_id > > Shouldn't you be using the bind variable '?' instead of '%s' ?
The parameter placeholder for MySQLdb is, indeed and unfortunately, %s. The OP is using parameter substitution correctly, though in an obfuscated fashion. 'sql' is a misnamed tuple containing both the query string *and* the parameters, which is being unpacked with '*' into two arguments to the execute call. The only problem I see is that the parameters should be a sequence, i.e. (self.uid,) instead of just (self.uid). HTH, -- Carsten Haese http://informixdb.sourceforge.net -- http://mail.python.org/mailman/listinfo/python-list