[thinkersilver]

I'm not expecting to get all the bells and whistles of an ORM in the 50 lines so my comment is on the code presented.

You probably want to escape the text.

Use the execute(QUERY[,optional parameters]) syntax.

http://stackoverflow.com/questions/902408/how-to-use-variabl...