在 mysql 数据库 table 中存储盐和密钥导致错误
Storing salt and key in mysql database table is resulting in an error
输出如下:
欢迎使用图书馆系统
1.LOGIN
2.NEW 用户
3.EXIT
输入您的选择:2
欢迎,新用户,请输入有效的用户名和密码
输入用户名:ASHES
输入密码:MASON
然后,有一个错误的回溯:
Traceback (most recent call last): File
"C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py",
line 523, in cmd_query
self._cmysql.query(query,
_mysql_connector.MySQLInterfaceError: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version
for the right syntax to use near
'\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe'
at line 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File
"C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py", line
139, in
adduser(username,password) File "C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py", line
71, in adduser
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt)) File
"C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\cursor_cext.py",
line 269, in execute
result = self._cnx.cmd_query(stmt, raw=self._raw, File "C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py",
line 528, in cmd_query
raise errors.get_mysql_exception(exc.errno, msg=exc.msg, mysql.connector.errors.ProgrammingError: 1064 (42000): You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near
'\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe'
at line 1
mysql> use library;
Database changed
mysql> desc users;
+----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+--------------+------+-----+---------+-------+
| username | varchar(20) | YES | | NULL | |
| key | varchar(100) | YES | | NULL | |
| salt | varchar(100) | YES | | NULL | |
+----------+--------------+------+-----+---------+-------+
3 rows in set (0.15 sec)
最少的代码:
import mysql.connector
import hashlib
import os
mycon=mysql.connector.connect(host="localhost",user="root",passwd="123456",database="library")
cursor=mycon.cursor()
stmt = "SHOW TABLES LIKE 'users'"
cursor.execute(stmt)
result = cursor.fetchone()
if result:
pass
else:
cursor.execute("create table users(username varchar(20),key varchar(100),salt varchar(100));")
cursor.execute("create table userlist(username varchar(20),book varchar(200));")
def checkkey(usertest):
cursor.execute("select count(username) from users where username='{}';".format(usertest))
count = cursor.fetchone()[0]
if count==1:
return False
elif count==0:
return True
else:
print("error no valid value returned")
return False
def adduser(username,password):
salt = os.urandom(32)
key = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000)
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))
mycon.commit()
while True:
print("WELCOME, NEW USER, PLEASE ENTER A VALID USERNAME AND PASSWORD")
usertest=input("Enter username: ")
usertest2=usertest
x=checkkey(usertest)
if x==True:
password=input("Enter Password: ")
username=usertest2
adduser(username,password)
print("USER CREATED")
break
elif x==False:
print("Username already exists, try again")
continue
else:
print("Error, unknown exception in boolean")
break
为什么会这样?
为了完整起见,这里是完整的答案:
有几个问题:
- 这一行的括号不平衡
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))
- 尝试将字节数据插入
varchar
- 这可能有效,这实际上取决于您的 sql 引擎
- 对二进制数据使用字符串格式
1. 和 3. 的解决方案是使用准备语句:
cursor.execute("insert into users values(%s, %s, %s)", (username,key,salt))
如果问题仍然存在,请将 table 中的适当数据类型从 varchar
更改为 binary
或 varbinary
输出如下: 欢迎使用图书馆系统 1.LOGIN 2.NEW 用户 3.EXIT 输入您的选择:2 欢迎,新用户,请输入有效的用户名和密码 输入用户名:ASHES 输入密码:MASON
然后,有一个错误的回溯:
Traceback (most recent call last): File "C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py", line 523, in cmd_query self._cmysql.query(query, _mysql_connector.MySQLInterfaceError: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe' at line 1
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py", line 139, in adduser(username,password) File "C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py", line 71, in adduser cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt)) File "C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\cursor_cext.py", line 269, in execute result = self._cnx.cmd_query(stmt, raw=self._raw, File "C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py", line 528, in cmd_query raise errors.get_mysql_exception(exc.errno, msg=exc.msg, mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe' at line 1
mysql> use library;
Database changed
mysql> desc users;
+----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+--------------+------+-----+---------+-------+
| username | varchar(20) | YES | | NULL | |
| key | varchar(100) | YES | | NULL | |
| salt | varchar(100) | YES | | NULL | |
+----------+--------------+------+-----+---------+-------+
3 rows in set (0.15 sec)
最少的代码:
import mysql.connector
import hashlib
import os
mycon=mysql.connector.connect(host="localhost",user="root",passwd="123456",database="library")
cursor=mycon.cursor()
stmt = "SHOW TABLES LIKE 'users'"
cursor.execute(stmt)
result = cursor.fetchone()
if result:
pass
else:
cursor.execute("create table users(username varchar(20),key varchar(100),salt varchar(100));")
cursor.execute("create table userlist(username varchar(20),book varchar(200));")
def checkkey(usertest):
cursor.execute("select count(username) from users where username='{}';".format(usertest))
count = cursor.fetchone()[0]
if count==1:
return False
elif count==0:
return True
else:
print("error no valid value returned")
return False
def adduser(username,password):
salt = os.urandom(32)
key = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000)
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))
mycon.commit()
while True:
print("WELCOME, NEW USER, PLEASE ENTER A VALID USERNAME AND PASSWORD")
usertest=input("Enter username: ")
usertest2=usertest
x=checkkey(usertest)
if x==True:
password=input("Enter Password: ")
username=usertest2
adduser(username,password)
print("USER CREATED")
break
elif x==False:
print("Username already exists, try again")
continue
else:
print("Error, unknown exception in boolean")
break
为什么会这样?
为了完整起见,这里是完整的答案:
有几个问题:
- 这一行的括号不平衡
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))
- 尝试将字节数据插入
varchar
- 这可能有效,这实际上取决于您的 sql 引擎 - 对二进制数据使用字符串格式
1. 和 3. 的解决方案是使用准备语句:
cursor.execute("insert into users values(%s, %s, %s)", (username,key,salt))
如果问题仍然存在,请将 table 中的适当数据类型从 varchar
更改为 binary
或 varbinary