On Mon, 2006-01-23 at 18:17 +0000, Alan Gauld wrote: > > On Sun, 2006-01-22 at 21:23 +0300, ZIYAD A. M. AL-BATLY wrote: > >> wrong_string = '''SELECT s FROM t WHERE id=%s''' , (email_id) > > > > The string is being used in a call to cursor.execute. The email_id is a > > second parameter getting passed to execute. That is the *correct* > > approach to use. > > Nope, sorry. > This sends the string > > SELECT ..... id=%s [EMAIL PROTECTED] > > ie the %s is kept in the string, not what is wanted. > > The OP must replace the comma with a % character for the string > substitution to take place.
The wrong_string line was lifted from the following code in the OP. entry = db.cursor() entry.execute("""SELECT * FROM contact WHERE email_id = %s""", (s_email,)) The execute method will handle the string substitution. This is better than doing it yourself, because execute will deal with any quoting issues for feeding the data to the database. I should have included the original code as I did here. Sorry if I created any confusion as related to regular Python string substitution. It is a very common mistake for people to do the SQL string interpolation themselves as opposed to leaving it for the execute method. > > > That is no help in explaining why the SELECT command is failing to > > return the expected results. > > The rogue %s in the select string will mess things up. > > Alan G. -- Lloyd Kvam Venix Corp _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor