I'm trying to insert variables as data into a database
I'm using this (part of it)
query = "INSERT INTO table_name (name) VALUES (%S)"
aa="naam"
cursor.execute(query,aa)
and everytime, I get the following error message:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%S)' at line 1"
no matter what I try to do, I'm getting this message (put it in """, put () around it, ...)
Hope someone can help me
The format needs to be lowercase, so change the query into: query = "INSERT INTO table_name (name) VALUES (%s)".
Related
I am having some trouble selecting from my database using python to execute a MySql query. I have tried two methods to achieve this, but both methods have returned the error shown below:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s' at line 1
What Id like to do is return the row count (which is always zero or one) when a username parameter is passed. I have looked at other examples where people have had this issue but I cant find a good fix.
The first method I tried was this:
def check_data(username):
sql = """SELECT count(*) FROM tbl_user WHERE username = %s"""
mycursor.execute(sql, username)
#do something with the data
I then tried using SELECT (CASE WHEN (uname = %s) THEN TRUE ELSE FALSE END) AS IsEmtpy FROM tbl_user limit 1;
This works database side, but still throws the same error when run in the application. I tried wrapping the %s like '%s' but it didn't help.
Any suggestions?
You're missing enclosing the string between quotes (singles or doubles).
You can check the query you're executing by printing it before the mycursor.execute statement, but basically you're sending MySQL something like SELECT count(*) FROM tbl_user WHERE username = foobar.
Try fixing it with SELECT count(*) FROM tbl_user WHERE username = '%s'.
On a side note, your approach is vulnerable to SQL Injection. You should check the documentation of the tool you're using to connect to the DBMS for "prepared statements".
I'm working on a script that will pull data from a database using pymysql and a simple SELECT statement. I'm going to run this statement many times, so I was hoping to simplify things by putting it in a function and passing the column name, table name, where clause and value as arguments to the function.
def retrieve_value_from_db(connection,column_name,table_name,where_clause,where_value):
with connection:
with connection.cursor() as cursor:
sql = "SELECT %s FROM %s WHERE %s=%s"
logging.debug(cursor.mogrify(sql,(column_name,table_name,where_clause,where_value)))
cursor.execute(sql,(column_name,table_name,where_clause,where_value))
result = cursor.fetchone()
connection.commit()
return result
However calling the function below returns the following error
retrieve_value_from_db(connection,"last_name","mother_table","id","S50000")
pymysql.err.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''mother_table' WHERE 'id'='S50000'' at line 1")
Cursor.execute seems to be reading the quotation mark portion of the string, which is causing the programming error. So how do I pass a string argument to the function that cursor.execute can read? Is what I want to do even possible? Thanks in advance.
Perhaps surprisingly, you should not let the database substitution handle table names and column names. It tries to quote them as if they were fields, which is wrong.
sql = "SELECT %s FROM %s WHERE %s=%%s" % (column_name,table_name,where_clause)
...
cursor.execute(sql, (where_value,))
I am trying to select some values within a table that has a column called "Name". That column contains tennis players names. I want to store some statistics for each player in python, but I am having trouble accessing the table. I keep getting a "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '='Rafael Nadal'' at line 1" As you can see, mysql clearly interprets the %s I had in place of 'Rafael Nadal' correctly, but it still brings up an error. Can anyone help me?
recordTuple = ('Rafael Nadal', )
mySql_insert_query = """SELECT `First_Serve(%)` FROM `serve2` WHERE Name =%s"""
cursor.execute(mySql_insert_query, recordTuple)
aI = cursor.fetchall()[0][0]/100
Since % is used to mark placeholders in the SQL, you have to double it if you want to use it literally.
mySql_insert_query = """SELECT `First_Serve(%%)` FROM `serve2` WHERE Name =%s"""
See How do I escape % from python mysql query
Similar to Brunonono in Create MySQL Database in Python using the %s operator (even using the same packages) I'm trying to add columns from an excel table to a mysql table using the %s operator in Python. The error is the same:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s %s)' at line 1
The code is as follows
mydb=mysql.connector.connect(host="localhost",user="root")
#init cursor
mycursor=mydb.cursor()
column_title="ID"
cell_type="INT(10)"
mycursor.execute("ALTER TABLE Test ADD (%s %s)"),(column_title, cell_type)
Sadly, I wouldn't know how to apply the solution provided in the post above, where
mycursor.execute("CREATE DATABASE (%s)", (db_name))
was replaced with
create_statement = "CREATE DATABASE {:s}".format(db_name)
mycursor.execute(create_statement)
mycursor.execute("ALTER TABLE Test ADD (%s %s)"),(column_title, cell_type) is what you are doing currently
Instead do,
mycursor.execute("ALTER TABLE Test ADD (%s %s)" % (column_title, cell_type))
Which would work unless I don't know MySQL syntax properly
Try this:
mycursor.execute('ALTER TABLE Test ADD (?, ?)',(column_title, cell_type))
But this doesn't use the %s operator.
Sorry, this works for SQLite and not MySQL.
I'm trying to use mysql 5.1 with python 2.6.6 and I'm getting the following error.
code :
query = "INSERT INTO present_list SET from='a', to='b'"
print query
cur.execute(query)
error :
Error 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from='a', to='b'' at line 1
Can somebody understand what is wrong ?
You need to use the backstroke in from and to like :
INSERT INTO present_list SET `from`='a', `to`='b
Since from is a keyword in mysql
Put a back strike before from. From is one of MySQL's reserved words
query = "INSERT INTO present_list (`from`, `to`) VALUES ('a', 'b')"
print query
cur.execute(query)
Please, learn SQL and Syntex then work on :
Your answer is:
For Insert Data into table
============================
query = "INSERT INTO present_list(from,to) values('a'.'b')";
print query
cur.execute(query)
For Update Data into table
============================
query = "Update present_list set from='a', to='b'";
print query
cur.execute(query)
from and to are mysql reserved words. So if you want to use them as normal names please use backtick(`) symbol around reserved word. For more info please goto
Select a column with a keyword name