Escape string Python for MySQL

Question

Hello,

I use Python and MySQLdb to download web pages and store them into database. The problem I have is that I can't save complicated strings into database because they are not escaped properly.

Is there a function in Python I can use to escape a string for MySQL? I tried with ''' (tiple simple quotes) and """, but it didn't work. I know that PHP has mysql_escape_string(), is something similar in Python?

Thanks,

Answer 1

conn.escape_string()

See MySQL C API function mapping: http://mysql-python.sourceforge.net/MySQLdb.html

Answer 2

Python's DB-API solves this in a much cleaner way - instead of commingling the statement and the data, it uses parametrized queries. See the accepted answer to http://stackoverflow.com/questions/775296/python-mysql-with-variables for one example of how to use these with mysqldb