On Sat, 20 Oct 2007 21:06:31 -0700, Dennis Lee Bieber wrote > On Sat, 20 Oct 2007 22:47:23 -0400, Carsten Haese <[EMAIL PROTECTED]> > declaimed the following in comp.lang.python: > > > Haven't we told you before not to use the % operator to fill values into > > a query? Use parameter binding: > > > > cursor.execute("SELECT id from templinks where url=%s", (URL,) ) > > > And check the adapter documentation with regards to the placeholder > it uses... It may just want a ? instead of %s
The OP uses psycopg2, which unfortunately uses %s parameter notation. But I agree, it's worth noting that the parameter style may vary between different DB-API implementations (until the next version of DB-API, when supporting at least qmark and named parameter styles becomes mandatory, yay!). -- Carsten Haese http://informixdb.sourceforge.net -- http://mail.python.org/mailman/listinfo/python-list