From e275d3d4cec592369a9070eb7e5ee437d09da671 Mon Sep 17 00:00:00 2001
From: "Andrew M. Kuchling" <amk@amk.ca>
Date: Wed, 7 Jun 2006 17:04:01 +0000
Subject: [PATCH] Mention other placeholders

---
 Doc/lib/libsqlite3.tex | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Doc/lib/libsqlite3.tex b/Doc/lib/libsqlite3.tex
index 512ae88385..9545696da8 100644
--- a/Doc/lib/libsqlite3.tex
+++ b/Doc/lib/libsqlite3.tex
@@ -47,10 +47,11 @@ variables.  You shouldn't assemble your query using Python's string
 operations because doing so is insecure; it makes your program
 vulnerable to an SQL injection attack.  
 
-Instead, use SQLite's parameter substitution.  Put \samp{?} as a
+Instead, use the DB-API's parameter substitution.  Put \samp{?} as a
 placeholder wherever you want to use a value, and then provide a tuple
 of values as the second argument to the cursor's \method{execute()}
-method.  For example:
+method.  (Other database modules may use a different placeholder,
+such as \samp{\%s} or \samp{:1}.) For example:
 
 \begin{verbatim}    
 # Never do this -- insecure!
-- 
2.40.0