I finally discovered the "Using Bind Parameters in Text Blocks" section of the SQLAlchemy manual -- very useful and very easy to use. Perhaps this will help others who are trying to search against MySQL's FULLTEXT index safely. FWIW, I'm doing this in Pylons.
Here's what I ended up doing: t = metadata.engine.text(""" SELECT ROUND(MATCH(message) AGAINST(:message), 2) AS score, facility,severity,message,explanation,solution,significance,os FROM kb WHERE MATCH(message) AGAINST(:message) AND facility=:facility AND severity=:severity LIMIT :limit """) c.results = t.execute(message=text, facility=fac, severity=sev, limit=100).fetchall() If you echo the SQL it's using, you can see how it quotes any query parameters that have quotes in them. Slick. Thanks for such a nice tool! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To post to this group, send email to sqlalchemy@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en -~----------~----~----~----~------~----~------~--~---