Pet wrote: > On May 25, 2:50 pm, Peter Otten <__pete...@web.de> wrote:
>> cursor.execute(query, *values) # wrong > > as far as I know it is not wrong, at least for pyPgSQL it takes values > and escapes properly preventing sql injections If so replace "# wrong" with "# superfluous" ;) Peter -- http://mail.python.org/mailman/listinfo/python-list
