为什么我的 Web 应用程序在尝试 POST INSERT 查询时生成 1064 (42000) 错误?
Why is my web application generating a 1064 (42000) error when trying to POST an INSERT query?
我正在尝试使用 Flask、MySQL 和 HTML 表单创建用户注册页面。当我尝试 post 从表单到数据库的数据时,我 运行 遇到了这个错误。任何人都可以看到 SQL 哪里出了问题吗?
收到的完整错误是:
1064 (42000): 你的 SQL 语法有误;查看与您的 MySQL 服务器版本相对应的手册,了解在第 1
行的“%s”附近使用的正确语法
我的连接函数是:
import mysql.connector
from flask import *
def connection():
conn = mysql.connector.connect(host="localhost", db="user_login",user="root",
password="password")
c = conn.cursor()
return c, conn
这是在 init.py 文件中导入的,并在下面调用:
class RegistrationForm(Form):
firstName = StringField('First Name', [validators.Length(min = 3, max = 25)])
lastName = StringField('Surname', [validators.Length(min = 3, max = 25)])
username = StringField('Username', [validators.Length(min = 4, max = 25)])
email = StringField('Email Address', [validators.Length(min = 6, max = 50)])
password = PasswordField('Password', [validators.required(),
validators.EqualTo('confirm', message = 'Passwords must match')])
confirm = PasswordField('Repeat Password')
@app.route('/register/', methods = ['GET', 'POST'])
def register_page():
try:
form = RegistrationForm(request.form)
if request.method == "POST" and form.validate():
firstName = form.firstName.data
lastName = form.lastName.data
username = form.username.data
email = form.email.data
password = form.password.data
is_admin = 0
c, conn = connection()
x = c.execute("SELECT * FROM users WHERE username = %s",(username))
if int(x) > 0:
flash("That username is already taken, please choose another")
return render_template('register.html', form = form)
else:
c.execute("""
INSERT INTO users (firstName, lastName, username, email, password, is_admin)
VALUES (%s, %s, %s, %s, %s, %s)
""",(firstName, lastName, username, email, password, is_admin))
conn.commit()
flash("Thanks for registering!")
c.close()
conn.close()
gc.collect()
session['logged_in'] = True
session['username'] = username
return redirect(url_for('dashboard'))
return render_template('register.html', form = form)
except Exception as e:
return(str(e))
我认为您的问题是 SELECT,而不是 INSERT。您将 (username) 作为参数传递——这是 而不是 元组。您需要使用尾随逗号:
x = c.execute("SELECT * FROM users WHERE username = %s", (username,))
我正在尝试使用 Flask、MySQL 和 HTML 表单创建用户注册页面。当我尝试 post 从表单到数据库的数据时,我 运行 遇到了这个错误。任何人都可以看到 SQL 哪里出了问题吗?
收到的完整错误是:
1064 (42000): 你的 SQL 语法有误;查看与您的 MySQL 服务器版本相对应的手册,了解在第 1
行的“%s”附近使用的正确语法我的连接函数是:
import mysql.connector
from flask import *
def connection():
conn = mysql.connector.connect(host="localhost", db="user_login",user="root",
password="password")
c = conn.cursor()
return c, conn
这是在 init.py 文件中导入的,并在下面调用:
class RegistrationForm(Form):
firstName = StringField('First Name', [validators.Length(min = 3, max = 25)])
lastName = StringField('Surname', [validators.Length(min = 3, max = 25)])
username = StringField('Username', [validators.Length(min = 4, max = 25)])
email = StringField('Email Address', [validators.Length(min = 6, max = 50)])
password = PasswordField('Password', [validators.required(),
validators.EqualTo('confirm', message = 'Passwords must match')])
confirm = PasswordField('Repeat Password')
@app.route('/register/', methods = ['GET', 'POST'])
def register_page():
try:
form = RegistrationForm(request.form)
if request.method == "POST" and form.validate():
firstName = form.firstName.data
lastName = form.lastName.data
username = form.username.data
email = form.email.data
password = form.password.data
is_admin = 0
c, conn = connection()
x = c.execute("SELECT * FROM users WHERE username = %s",(username))
if int(x) > 0:
flash("That username is already taken, please choose another")
return render_template('register.html', form = form)
else:
c.execute("""
INSERT INTO users (firstName, lastName, username, email, password, is_admin)
VALUES (%s, %s, %s, %s, %s, %s)
""",(firstName, lastName, username, email, password, is_admin))
conn.commit()
flash("Thanks for registering!")
c.close()
conn.close()
gc.collect()
session['logged_in'] = True
session['username'] = username
return redirect(url_for('dashboard'))
return render_template('register.html', form = form)
except Exception as e:
return(str(e))
我认为您的问题是 SELECT,而不是 INSERT。您将 (username) 作为参数传递——这是 而不是 元组。您需要使用尾随逗号:
x = c.execute("SELECT * FROM users WHERE username = %s", (username,))