Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!feeder.news-service.com!newsfeed.xs4all.nl!newsfeed5.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path: <rosuav@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.030
X-Spam-Evidence: '*H*': 0.94; '*S*': 0.00; '(at': 0.03; '+0100,': 0.07; '(it': 0.09; 'pm,': 0.11; 'wrote:': 0.14; '"...': 0.16; 'bieber': 0.16; 'declaimed': 0.16; 'tue,': 0.20; 'header:In-Reply- To:1': 0.22; 'lee': 0.22; 'mon,': 0.22; 'values': 0.23; 'received:209.85.214.174': 0.23; 'received:mail- iw0-f174.google.com': 0.23; 'properly': 0.25; 'chris': 0.27; 'message-id:@mail.gmail.com': 0.28; 'least': 0.30; "won't": 0.30; 'perhaps': 0.32; 'to:addr:python-list': 0.32; '...': 0.32; 'put': 0.35; 'forces': 0.35; 'quotes': 0.35; 'subject:use': 0.35; 'received:209.85': 0.37; 'either': 0.37; 'apr': 0.38; 'received:google.com': 0.38; 'but': 0.38; 'database': 0.38; 'tim': 0.39; 'received:209.85.214': 0.39; 'end': 0.39; 'to:addr:python.org': 0.39; 'where': 0.39; 'received:209': 0.39; "it's": 0.40; 'header:Received:5': 0.40; '2011': 0.62; 'engine': 0.67; 'dennis': 0.68; 'golden': 0.68; 'concatenate': 0.84; 'safe.': 0.95
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=T0OkER0IGJJt2ZwScbxM/QD5zjkphFLjuFYlmvOAv90=; b=rMMI9PUQc1LCpc9pui15RE7Ndao6PNWL1r+tn303sIi4l4uSoPvwpchobeFlCDStik oqOqKHGRgzM+p0OABRKiCxJIZx72Y1JotkWvP7rjqYUsznDXoWjrhq0dMA3U2R5RTxXc E//Pr8YhvZhj8FBgPHLEpTUgOI0P8ONbhdIQ0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=tKXhjVuTgbx6euDWPeSBVoiEku86petgQblK5lAZe9iqcY58cYFFMKQ2itZG4nNVh1 jmCViYiJAAv2TtOFTguXnVMJ2ZgKBg2VOpNdCnPdCyL3uiIEdrXTYdaVQ4cb1uzYHNXT Bd58kPy4wC/yhCizUSC6FvCeFhRH6L7nqIYNw=
MIME-Version: 1.0
In-Reply-To: <ioj65v$1j7$1@dough.gmane.org>
References: <4dabf65a$0$18250$4fafbaef@reader2.news.tin.it> <4DABF9F8.2020609@timgolden.me.uk> <ioj65v$1j7$1@dough.gmane.org>
Date: Tue, 19 Apr 2011 15:31:44 +1000
Subject: Re: strange use of %s
From: Chris Angelico <rosuav@gmail.com>
To: python-list@python.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.546.1303191107.9059.python-list@python.org>
Lines: 20
NNTP-Posting-Host: 82.94.164.166
X-Trace: 1303191108 news.xs4all.nl 81485 [::ffff:82.94.164.166]:48464
X-Complaints-To: abuse@xs4all.nl
Xref: x330-a1.tempe.blueboxinc.net comp.lang.python:3538

On Tue, Apr 19, 2011 at 3:22 PM, Dennis Lee Bieber
<wlfraed@ix.netcom.com> wrote:
> On Mon, 18 Apr 2011 09:44:40 +0100, Tim Golden <mail@timgolden.me.uk>
> declaimed the following in gmane.comp.python.general:
>
>
>> =A0 =A0sql =3D "SELECT ... WHERE name LIKE '%' + ? + '%'"
>> =A0 =A0q =3D db.cursor ()
>> =A0 =A0q.execute (sql, [response])
>>
> =A0 =A0 =A0 =A0That won't work properly either (at least not in MySQLdb -=
- which
> quotes the values put into the placeholder; you'd end up with
> =A0 =A0 =A0 =A0'%''value''%'

You'd end up with "... LIKE '%' + 'value' + '%'" which is perhaps
overkill (it forces the database engine to concatenate three strings),
but at least it's safe.

Chris Angelico