def search(self):
conn=mysql.connector.connect(host="localhost",username="root",password="krish#123",database="face_monitoring")
mycursor=conn.cursor()
mycursor.execute("select * from room where"+str(self.search_var.get())+" LIKE '%"+str(self.txt_search.get())+"%'")
rows=mycursor.fetchall()
if len(rows)!=0:
self.room_details.delete(*self.room_details.get_children())
for i in rows:
self.room_details.insert("",END,values=i)
conn.commit()
conn.close()
error:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Name LIKE '%krishna mishra%'' at line 1
Related
I know there're similar questions regarding this topic in Stackoverflow, like these ones:
https://stackoverflow.com/a/52303677/1876345
SQL query using %s in Python 3.3
mysql.connector.errors.ProgrammingError: 1064 (4200): You have an error in your SQL syntax;
But i still encounter an error passing a variable at moment execute is run.
Option #1
mycursor = mydb.cursor()
dbname = 'ssl'
mycursor.execute('CREATE DATABASE {}'.format(dbname))
And I get this error
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ssl' at line 1
Option 2
mycursor = mydb.cursor()
dbname = 'ssl'
mycursor.execute("CREATE DATABASE %s ", (dbname))
Getting similar error: mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s' at line 1
Any idea why?
Following code is a function design for update data in mysql database.I get issue with following error message:
Errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '#gmail.com,gender=Female,
def update_data(self):
con = mysql.connector.connect(
host="localhost",
user="root",
password="123456",
database="stm",
)
cur = con.cursor()
cur.execute(
"""
update
students
set
name=%s,
email=%s,
gender=%s,
contact=%s,
dob=%s,
address=%s,
where
roll_no=%s;
""" % (
self.name_var.get(),
self.email_var.get(),
self.gender_var.get(),
self.contact_var.get(),
self.dob_var.get(),
self.txt_Address.get('1.0', END),
self.Roll_No_var.get(),
), )
con.commit()
con.close()
self.fetch_data()
self.clear()
Running this code
res = cursor.execute("SELECT `password` FROM `players` WHERE `username` = %s", usern)
I get this error:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s' at line 1
The parametrized queries expect a tuple as an argument:
query = """SELECT `password` FROM `players` WHERE `username` = %s"""
res = cursor.execute(query, (usern, ))
I'm stuck. I've been trying to insert a pdf file in to MySQL db but I can't. I've tried with mysql.connector and MySQLdb classes. I get nearly the same errors. I've read many posts about this issue. I tried commas, variables also. Here are my code and error;
import mysql.connector
db = mysql.connector.connect(host="127.0.0.1", user='root', password='masatablo', db='yukleme')
c = db.cursor()
acilacak_dosya = open("bizim.PDF", "rb")
yuklenecek_dosya = acilacak_dosya.read()
c.execute ("INSERT INTO pdfler (cizim) VALUES(%s)" %(yuklenecek_dosya))
db.commit()
db.close()
ERROR with mysql.connector:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'b'%PDF-1.4\r%\xe2\xe3\xcf\xd3\r\n4 0 obj\r<</Linearized 1/L 83892/O 6/E 79669/N ' at line 1
ERROR with MySQLdb:
_mysql_exceptions.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'b'%PDF-1.4\\r%\\xe2\\xe3\\xcf\\xd3\\r\\n4 0 obj\\r<</Linearized 1/L 83892/O 6/E 79669/N ' at line 1")
You'll need to use parameters, not string interpolation.
String interpolation with SQL is vulnerable to SQL injection attacks anyway.
c.execute("INSERT INTO pdfler (cizim) VALUES (%s)", (yuklenecek_dosya,))
I'm trying to retrieve data from a MySQL-database.
A = "James"
query = ("SELECT * FROM DB.tblusers WHERE UserName = %s ")
c = mysql.connector.connect(user='root', password='',
host='127.0.0.1',
database='DB')
cur1 = c.cursor()
cur1.execute(query, A)
Gives the following error message:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' at line 1
But the SQL works in the mySQL Workbench.
Any ideas?
A should be a tuple, try with A = ("James",)
see documentation of MySQLCursor.execute(operation, params=None, multi=False)
EDIT: added a comma, thanks to "swordofpain" (I learned something)