MySQLdb injection support

I cannot figure out how should I set up language injection so my "%s" variables should not break MySQL expression. I use MySQLdb connector.
For example:

    cursor.execute('SELECT `group_id` FROM `groups` WHERE team_id=%s', (1, 2))

%s is an error!
Or maybe you can advice some alternative for MySQLdb that easily replace it?
Thanks for your reply!

I decided to migrate to oursql for now. Syntax is almost the same (but no autocommit method on connection). It supports question mark notation... Anyway will love to see this bug get fixed in future versions.

Please sign in to leave a comment.