python - need help inserting text files with open() into mysql

Can someone h开发者_运维问答elp me out with the mysql connection statement to instert a textfile into a mysql table (field type is long blob)?

For example:

cursor.execute("insert into mytable (file_contents) values ('"+open(filename,"r").read()+"')")

Obviously that's not very practical, can someone post a better way to do this?

---

It is dangerous to append content of a file directly into an SQL query, because of special characters (quotes!) or malicious SQL commands.

Try this:

with open(filename,"r") as infile:
    cursor.execute("insert into mytable (file_contents) values (%s)", (infile.read(), ))