For some reason, this simple block of code is giving me a sql syntax error. I have no clue why it's wrong
result = conn.execute(
text(
'''
SET #var = 1;
SELECT #var;
'''
)
)
print(result.fetchall())
Why is this giving me a sql syntax error?
sqlalchemy.exc.ProgrammingError: (pymysql.err.ProgrammingError) (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT #var' at line 2")
[SQL:
SET #var = 1;
SELECT #var;
]
(Background on this error at: https://sqlalche.me/e/14/f405)
Related
I know there're similar questions regarding this topic in Stackoverflow, like these ones:
https://stackoverflow.com/a/52303677/1876345
SQL query using %s in Python 3.3
mysql.connector.errors.ProgrammingError: 1064 (4200): You have an error in your SQL syntax;
But i still encounter an error passing a variable at moment execute is run.
Option #1
mycursor = mydb.cursor()
dbname = 'ssl'
mycursor.execute('CREATE DATABASE {}'.format(dbname))
And I get this error
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ssl' at line 1
Option 2
mycursor = mydb.cursor()
dbname = 'ssl'
mycursor.execute("CREATE DATABASE %s ", (dbname))
Getting similar error: mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s' at line 1
Any idea why?
Running this code
res = cursor.execute("SELECT `password` FROM `players` WHERE `username` = %s", usern)
I get this error:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s' at line 1
The parametrized queries expect a tuple as an argument:
query = """SELECT `password` FROM `players` WHERE `username` = %s"""
res = cursor.execute(query, (usern, ))
I'm stuck. I've been trying to insert a pdf file in to MySQL db but I can't. I've tried with mysql.connector and MySQLdb classes. I get nearly the same errors. I've read many posts about this issue. I tried commas, variables also. Here are my code and error;
import mysql.connector
db = mysql.connector.connect(host="127.0.0.1", user='root', password='masatablo', db='yukleme')
c = db.cursor()
acilacak_dosya = open("bizim.PDF", "rb")
yuklenecek_dosya = acilacak_dosya.read()
c.execute ("INSERT INTO pdfler (cizim) VALUES(%s)" %(yuklenecek_dosya))
db.commit()
db.close()
ERROR with mysql.connector:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'b'%PDF-1.4\r%\xe2\xe3\xcf\xd3\r\n4 0 obj\r<</Linearized 1/L 83892/O 6/E 79669/N ' at line 1
ERROR with MySQLdb:
_mysql_exceptions.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'b'%PDF-1.4\\r%\\xe2\\xe3\\xcf\\xd3\\r\\n4 0 obj\\r<</Linearized 1/L 83892/O 6/E 79669/N ' at line 1")
You'll need to use parameters, not string interpolation.
String interpolation with SQL is vulnerable to SQL injection attacks anyway.
c.execute("INSERT INTO pdfler (cizim) VALUES (%s)", (yuklenecek_dosya,))
I'm trying to execute the following via Flask's MySQLdb module:
cur.execute("SELECT post_id FROM tbl_post WHERE post_file_path = '%s'", (_filePath,))
Yet I get the following error:
1064, "You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'static/uploads/adc67db4-7d23-4bf1-a7ef-7e34dbed246a.jpg''' at line 1"
The query works fine via the command line so I'm fairly certain it's something to do with the way I'm providing my string argument. What am I doing wrong with it?
You shouldn't quote the placeholder %s, it's done by the database driver. This should work:
cur.execute("SELECT post_id FROM tbl_post WHERE post_file_path = %s", (_filePath,))
I'm trying to retrieve data from a MySQL-database.
A = "James"
query = ("SELECT * FROM DB.tblusers WHERE UserName = %s ")
c = mysql.connector.connect(user='root', password='',
host='127.0.0.1',
database='DB')
cur1 = c.cursor()
cur1.execute(query, A)
Gives the following error message:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' at line 1
But the SQL works in the mySQL Workbench.
Any ideas?
A should be a tuple, try with A = ("James",)
see documentation of MySQLCursor.execute(operation, params=None, multi=False)
EDIT: added a comma, thanks to "swordofpain" (I learned something)