Cursor.execute 数据添加单引号并中断包含 IN(1,2) 语句且 mysql in python 的查询

Question

感谢阅读。我在尝试将变量发送到 cursor.execute(query,variable) 时遇到问题。查询包含 IN (%s) 语句，变量包含以逗号分隔的整数。当 pythons 执行显然向变量添加单引号时会出现问题。它打破了查询。所以... 如何覆盖此行为以丢弃引号？

查询: review_authors=

SELECT   autor.id, autor.escuela, autor.nombre, count(*) 
FROM     autor, cita, obra 
WHERE    obra.autor=autor.id 
AND      cita.obra=obra.id 
AND      cita.id in ( %s ) 
GROUP BY autor.id, autor.escuela, autor.nombre 
ORDER BY autor.nombre ASC;

数据:

citaid=request.cookies.get("idNote")

cursor.execute:

Cursor.execute(review_authors, citaid)

通知错误:

C:\Users\sebap\Web\venv\lib\site-packages\pymysql\cursors.py:170: Warning: (1292, "Truncated incorrect DOUBLE value: '5302,5303,354,501'") result = self._query(query)

再次感谢

Answer 1

您需要做的是在您的查询中放置占位符 %s。
然后变量将进入其适当的位置。

citaid=request.cookies.get("idNote")
placeholders = ",".join(['%s']*len(citaid)) 
review_authors = """SELECT autor.id, autor.escuela, autor.nombre, COUNT(*) 
                    FROM autor, cita, obra 
                    WHERE obra.autor=autor.id 
                        AND cita.obra=obra.id 
                        AND cita.id in ({}) 
                    GROUP BY autor.id, autor.escuela, autor.nombre 
                    ORDER BY autor.nombre ASC;""".format(placeholders)
Cursor.execute(review_authors, citaid)

Cursor.execute 数据添加单引号并中断包含 IN(1,2) 语句且 mysql in python 的查询

Cursor.execute data adds single quotes marks and breaks query that contains IN(1,2) statement with mysql in python

python

mysql

variables

select

cursor