It has some kind of parameterization, yes.
Even then, I advise you to switch to oursql. It brings a lot of advantages over MySQLdb:
- oursql has real parameterization.
- oursql allows text or binary data to be streamed into the database and streamed out of the database, instead of requiring everything to be buffered in the client.
- oursql can both insert rows lazily and fetch rows lazily.
- oursql has Unicode support on by default.
- oursql supports Python 2.4 through 2.7 without any deprecation warnings on 2.6+ (see PEP 218) and without completely failing on 2.7 (see PEP 328).
- oursql is licensed under the BSD license.