Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #35076
| References | <CAAPnF_VFzdcXW8Eg20kn_j0ywvG7CbK+jY3u_0EZjJhR-m4Meg@mail.gmail.com> <alpine.DEB.2.02.1212181600190.20469@gilgamesh> |
|---|---|
| Date | 2012-12-18 18:28 -0400 |
| Subject | Re: Why Doesn't This MySQL Statement Execute? |
| From | Tom Borkin <borkintom@gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.1032.1355869692.29569.python-list@python.org> (permalink) |
[Multipart message — attachments visible in raw view] - view raw
No (lol). It returns a date as a string: "2012-12-12" for example. Tom On Tue, Dec 18, 2012 at 6:02 PM, Wayne Werner <wayne@waynewerner.com> wrote: > On Tue, 18 Dec 2012, Tom Borkin wrote: > > Hi; >> I have this test code: >> >> if i_id == "1186": >> sql = 'insert into interactions values(Null, %s, "Call Back", >> "%s")' % (i_id, date_plus_2) >> cursor.execute(sql) >> db.commit() >> print sql >> It prints the sql statement, but it doesn't execute. If I copy and paste >> the sql into the mysql command line it does execute without warnings or >> errors. What gives? >> > > Does date_plus_2 contain > > "Robert"); DROP TABLE interactions; -- > > By any chance? > -W
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: Why Doesn't This MySQL Statement Execute? Tom Borkin <borkintom@gmail.com> - 2012-12-18 18:28 -0400
csiph-web