Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #34590
| Date | 2012-12-11 00:51 +0000 |
|---|---|
| From | MRAB <python@mrabarnett.plus.com> |
| Subject | Re: MySQLdb insert HTML code error |
| References | <CAKhY55Nfq7+CsjqrksdGYxODNYUvBSowXQYjZ6-FzxQeOgBnUQ@mail.gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.702.1355187064.29569.python-list@python.org> (permalink) |
On 2012-12-11 00:04, Anatoli Hristov wrote:
> Hi all,
>
> I'm facing an issue inserting an html code into the DB, it comes out
> with a syntax error but I face it only when I have html code. Could
> help me escape the error somehow ?
>
> Here is my code
>
> def InsertSpecsDB(product_id, spec, lang, name):
> db = MySQLdb.connect("localhost","getit","opencart")
> cursor = db.cursor()
> sql = ("INSERT INTO product_description (product_id, language_id,
> name, description) VALUES ('%s','%s','%s','%s')")
> params = (product_id, lang, name, spec)
> cursor.execute(sql, params)
> id = cursor.lastrowid
> print"Updated ID %s description %s" %(int(id), lang)
> return id
>
You're using a parametrised query (which is good :-)), but you've included
quotes around the placeholders. There's no need to do that. They'll be
quoted automatically when necessary:
sql = "INSERT INTO product_description (product_id, language_id, name,
description) VALUES (%s,%s,%s,%s)"
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: MySQLdb insert HTML code error MRAB <python@mrabarnett.plus.com> - 2012-12-11 00:51 +0000
csiph-web