Пытаюсь сделать простой запрос с защитой от sql инъекций:
cursor.execute(u'SELECT * FROM list WHERE type_id =?', (2,))
File "/usr/local/lib/python2.6/dist-packages/cherrypy/_cprequest.py", line 645, in respond
response.body = self.handler()
File "/usr/local/lib/python2.6/dist-packages/cherrypy/lib/encoding.py", line 188, in __call__
self.body = self.oldhandler(*args, **kwargs)
File "/usr/local/lib/python2.6/dist-packages/cherrypy/_cpdispatch.py", line 29, in __call__
return self.callable(*self.args, **self.kwargs)
File "/var/www/events/www.py", line 81, in index
cursor.execute(u'SELECT * FROM list WHERE type_id =?', (str(2),))
File "/usr/lib/pymodules/python2.6/MySQLdb/cursors.py", line 151, in execute
query = query % db.literal(args)
TypeError: not all arguments converted during string formatting