Python中的Unicode excape下划线和双引号

Question

我有一个代表来自不同语言的用户名的数据。我已经进行适当的Unicoding过程如下：

while attempts < 3 and not success: 
    query = ur'''select gu_name from globaluser where gu_name = "{uname}"'''.format(uname=unicode(filerow['user_name'],'utf-8', errors='strict')) 
    try: 
     self.gdbCursor.execute(query.encode('utf-8')) 
     gUser = self.gdbCursor.fetchone() 

但是，当涉及到的名字，像这样Name1_"GG"_Name1AnotherName我最终得到以下错误：

ProgrammingError: (1064, 'You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near \'GG" Cooper"\'第1' 行）

怎么办我正确地编码这些类型的字符？

更新：

根据所提供的答案，我做了以下内容：

\'GG" Cooper"\'解决用户名

    while attempts < 3 and not success: 
         #query = ur'''select gu_name from globaluser where gu_name = "{uname}"'''.format(uname=unicode(filerow['user_name'],'utf-8', errors='strict')) 
         uName = unicode(filerow['user_name'], 'utf-8') 
         query = ur'''select gu_name from globaluser where gu_name = "%s"''' 
         try: 
          #self.gdbCursor.execute(query.encode('utf-8')) 
          self.gdbCursor.execute((query % (uName)).encode('utf-8')) 
          gUser = self.gdbCursor.fetchone() 

但我仍然得到以下错误：

ProgrammingError: (1064, 'You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near \'GG" Cooper"\' at line 1') 

Answer 1

您应该使用参数输入：

http://legacy.python.org/dev/peps/pep-0249/#id15

下面是一个例子：

sql = "insert into foo values(%s)" 
cursor.execute(sql, ('My very %$@*@"""S weird name',))