Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #34599 > unrolled thread
| Started by | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
|---|---|
| First post | 2012-12-11 02:08 -0500 |
| Last post | 2012-12-11 02:08 -0500 |
| Articles | 1 — 1 participant |
Back to article view | Back to comp.lang.python
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
Re: MySQLdb insert HTML code error Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2012-12-11 02:08 -0500
| From | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
|---|---|
| Date | 2012-12-11 02:08 -0500 |
| Subject | Re: MySQLdb insert HTML code error |
| Message-ID | <mailman.709.1355209724.29569.python-list@python.org> |
On Tue, 11 Dec 2012 01:04:44 +0100, Anatoli Hristov <tolidtm@gmail.com>
declaimed the following in gmane.comp.python.general:
> Hi all,
>
> I'm facing an issue inserting an html code into the DB, it comes out
> with a syntax error but I face it only when I have html code. Could
> help me escape the error somehow ?
>
> Here is my code
>
> def InsertSpecsDB(product_id, spec, lang, name):
> db = MySQLdb.connect("localhost","getit","opencart")
> cursor = db.cursor()
> sql = ("INSERT INTO product_description (product_id, language_id,
> name, description) VALUES ('%s','%s','%s','%s')")
First thing -- DON'T put quotes around the %s place-holders... The
whole purpose of using the parameterized .execute() is to let the
database adapter properly escape the parameters before putting them into
the SQL (since MySQL didn't have prepared statements before v5, it was
producing full SQL statements for each insert, even with .executemany()
)
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/
Back to top | Article view | comp.lang.python
csiph-web