Python: 无法格式化 SQL 查询字符串
Python: Cannot format SQL query string
我想创建一个 SQL 查询字符串并从 python
执行它
import mysql.connector
from mysql.connector import Error
client = mysql.connector.connect(host=sql_host,
port=sql_port,
database=sql_db,
user=os.environ['SQLUSER'],
passwd=os.environ['SQLPASS']
)
try:
a = "val1"
b = "val2"
cursor = client.cursor()
query = "insert into mytable values ('{}', '{}')".format(a,b)
print(query)
cursor.execute(query)
except Error as e:
print(e)
这不会给我错误,但与此同时,table 中没有插入任何内容。我认为那是因为创建的查询字符串看起来像
"insert into mytable values (\'val1\', \'val2\')"
我什至尝试过 .replace('\',''),但我无法从查询字符串中删除 \。
我做错了什么?
更新:
感谢@cody 的帮助。但是现在,我得到了一个不同的错误
a = 'val1'
b = 'val2'
query = "insert into mytable values (%s, %s)"
print(query)
cursor.execute(query, (a,b))
client.commit()
现在我明白了
1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
这是什么意思?我的值
中甚至没有任何 ''
编辑
在调查时,我看到 cursor 的 _executed 属性看起来像这样
'insert into dev_test_storage values (\'val1\', \'val2\')'
为什么我在执行的查询中仍然有 \?
这是创建 table 语句
CREATE TABLE IF NOT EXISTS myTable
(
col1 varchar(50) not null,
col2 varchar (100) not null
);
请看下面MySQL connector-python documentation for insert中的例子。不要将 format 用于准备好的语句参数,而是将它们作为第二个参数传递给 execute。该示例显示将数据作为元组和字典传递:
from __future__ import print_function
from datetime import date, datetime, timedelta
import mysql.connector
cnx = mysql.connector.connect(user='scott', database='employees')
cursor = cnx.cursor()
tomorrow = datetime.now().date() + timedelta(days=1)
add_employee = ("INSERT INTO employees "
"(first_name, last_name, hire_date, gender, birth_date) "
"VALUES (%s, %s, %s, %s, %s)")
add_salary = ("INSERT INTO salaries "
"(emp_no, salary, from_date, to_date) "
"VALUES (%(emp_no)s, %(salary)s, %(from_date)s, %(to_date)s)")
data_employee = ('Geert', 'Vanderkelen', tomorrow, 'M', date(1977, 6, 14))
# Insert new employee
cursor.execute(add_employee, data_employee)
emp_no = cursor.lastrowid
# Insert salary information
data_salary = {
'emp_no': emp_no,
'salary': 50000,
'from_date': tomorrow,
'to_date': date(9999, 1, 1),
}
cursor.execute(add_salary, data_salary)
# Make sure data is committed to the database
cnx.commit()
cursor.close()
cnx.close()
此外,您可能需要调用 commit,如文档所述
Since by default Connector/Python turns autocommit off, and MySQL 5.5
and higher uses transactional InnoDB tables by default, it is
necessary to commit your changes using the connection's commit()
method. You could also roll back using the rollback() method.
编辑:
我不确定为什么你仍然遇到查询被不正确转义的问题,我已经尽可能地复制了你的条件并且它工作正常:
Table:
MariaDB [pets]> DESCRIBE myTable;
+-------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------+--------------+------+-----+---------+-------+
| col1 | varchar(50) | NO | | NULL | |
| col2 | varchar(100) | NO | | NULL | |
+-------+--------------+------+-----+---------+-------+
Python代码:
import mysql.connector
cnx = mysql.connector.connect(user='cody', password='secret', database='pets')
cursor = cnx.cursor()
a = 'val1'
b = 'val2'
query = "insert into myTable values (%s, %s)"
cursor.execute(query, (a,b))
cnx.commit()
print(cursor._executed)
cursor.close()
cnx.close()
程序成功运行并按预期打印执行的查询:
cody@servo:~$ python mysql-test.py
insert into myTable values ('val1', 'val2')
并插入行:
MariaDB [pets]> SELECT * FROM myTable;
+------+------+
| col1 | col2 |
+------+------+
| val1 | val2 |
+------+------+
1 row in set (0.01 sec)
我想创建一个 SQL 查询字符串并从 python
执行它import mysql.connector
from mysql.connector import Error
client = mysql.connector.connect(host=sql_host,
port=sql_port,
database=sql_db,
user=os.environ['SQLUSER'],
passwd=os.environ['SQLPASS']
)
try:
a = "val1"
b = "val2"
cursor = client.cursor()
query = "insert into mytable values ('{}', '{}')".format(a,b)
print(query)
cursor.execute(query)
except Error as e:
print(e)
这不会给我错误,但与此同时,table 中没有插入任何内容。我认为那是因为创建的查询字符串看起来像
"insert into mytable values (\'val1\', \'val2\')"
我什至尝试过 .replace('\',''),但我无法从查询字符串中删除 \。
我做错了什么?
更新:
感谢@cody 的帮助。但是现在,我得到了一个不同的错误
a = 'val1'
b = 'val2'
query = "insert into mytable values (%s, %s)"
print(query)
cursor.execute(query, (a,b))
client.commit()
现在我明白了
1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
这是什么意思?我的值
中甚至没有任何''
编辑
在调查时,我看到 cursor 的 _executed 属性看起来像这样
'insert into dev_test_storage values (\'val1\', \'val2\')'
为什么我在执行的查询中仍然有 \?
这是创建 table 语句
CREATE TABLE IF NOT EXISTS myTable
(
col1 varchar(50) not null,
col2 varchar (100) not null
);
请看下面MySQL connector-python documentation for insert中的例子。不要将 format 用于准备好的语句参数,而是将它们作为第二个参数传递给 execute。该示例显示将数据作为元组和字典传递:
from __future__ import print_function
from datetime import date, datetime, timedelta
import mysql.connector
cnx = mysql.connector.connect(user='scott', database='employees')
cursor = cnx.cursor()
tomorrow = datetime.now().date() + timedelta(days=1)
add_employee = ("INSERT INTO employees "
"(first_name, last_name, hire_date, gender, birth_date) "
"VALUES (%s, %s, %s, %s, %s)")
add_salary = ("INSERT INTO salaries "
"(emp_no, salary, from_date, to_date) "
"VALUES (%(emp_no)s, %(salary)s, %(from_date)s, %(to_date)s)")
data_employee = ('Geert', 'Vanderkelen', tomorrow, 'M', date(1977, 6, 14))
# Insert new employee
cursor.execute(add_employee, data_employee)
emp_no = cursor.lastrowid
# Insert salary information
data_salary = {
'emp_no': emp_no,
'salary': 50000,
'from_date': tomorrow,
'to_date': date(9999, 1, 1),
}
cursor.execute(add_salary, data_salary)
# Make sure data is committed to the database
cnx.commit()
cursor.close()
cnx.close()
此外,您可能需要调用 commit,如文档所述
Since by default Connector/Python turns autocommit off, and MySQL 5.5 and higher uses transactional InnoDB tables by default, it is necessary to commit your changes using the connection's commit() method. You could also roll back using the rollback() method.
编辑:
我不确定为什么你仍然遇到查询被不正确转义的问题,我已经尽可能地复制了你的条件并且它工作正常:
Table:
MariaDB [pets]> DESCRIBE myTable;
+-------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-------+--------------+------+-----+---------+-------+
| col1 | varchar(50) | NO | | NULL | |
| col2 | varchar(100) | NO | | NULL | |
+-------+--------------+------+-----+---------+-------+
Python代码:
import mysql.connector
cnx = mysql.connector.connect(user='cody', password='secret', database='pets')
cursor = cnx.cursor()
a = 'val1'
b = 'val2'
query = "insert into myTable values (%s, %s)"
cursor.execute(query, (a,b))
cnx.commit()
print(cursor._executed)
cursor.close()
cnx.close()
程序成功运行并按预期打印执行的查询:
cody@servo:~$ python mysql-test.py
insert into myTable values ('val1', 'val2')
并插入行:
MariaDB [pets]> SELECT * FROM myTable;
+------+------+
| col1 | col2 |
+------+------+
| val1 | val2 |
+------+------+
1 row in set (0.01 sec)