Python unicode excape underscore and double quotes

Question

I have data which represent usernames from different languages. I have carries out proper unicoding process as follows:

while attempts < 3 and not success:
    query = ur'''select gu_name from globaluser where gu_name = "{uname}"'''.format(uname=unicode(filerow['user_name'],'utf-8', errors='strict'))
    try:
        self.gdbCursor.execute(query.encode('utf-8'))
        gUser = self.gdbCursor.fetchone()

But when it comes to names like this Name1_"GG"_Name1AnotherName I ended up getting following error:

ProgrammingError: (1064, 'You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near \'GG" Cooper"\' at line 1')

How do I properly encode these type of characters?

Update:

Based on the answers provided I did the following:

\'GG" Cooper"\' to resolve user name

                    while attempts < 3 and not success:
                        #query = ur'''select gu_name from globaluser where gu_name = "{uname}"'''.format(uname=unicode(filerow['user_name'],'utf-8', errors='strict'))
                        uName = unicode(filerow['user_name'], 'utf-8')
                        query = ur'''select gu_name from globaluser where gu_name = "%s"'''
                        try:
                            #self.gdbCursor.execute(query.encode('utf-8'))
                            self.gdbCursor.execute((query % (uName)).encode('utf-8'))
                            gUser = self.gdbCursor.fetchone()

But I still get the following error:

ProgrammingError: (1064, 'You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near \'GG" Cooper"\' at line 1')

Answer 1

You should be using parameters inputs as it suggested in:

http://legacy.python.org/dev/peps/pep-0249/#id15

Here is an example:

sql = "insert into foo values(%s)"
cursor.execute(sql, ('My very %$@*@"""S weird name',))