I'm trying to execute the following via Flask's MySQLdb module:
cur.execute("SELECT post_id FROM tbl_post WHERE post_file_path = '%s'", (_filePath,))
Yet I get the following error:
1064, "You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'static/uploads/adc67db4-7d23-4bf1-a7ef-7e34dbed246a.jpg''' at line 1"
The query works fine via the command line so I'm fairly certain it's something to do with the way I'm providing my string argument. What am I doing wrong with it?
You shouldn't quote the placeholder %s, it's done by the database driver. This should work:
cur.execute("SELECT post_id FROM tbl_post WHERE post_file_path = %s", (_filePath,))
Related
I have developed code using python MySQLdb to connect to mysql database and execute several commands/queries.
I am successfully able to execute all other commands except \s.
Whereas, while executing the same command on Mysql shell works fine.
Sample code:
conn = MySQLdb.connect(host=host,user=user,passwd=passwd,unix_socket=unix_socket)
cursor = conn.cursor()
cmd = r"\s"
cursor.execute(cmd)
data = cursor.fetchall()
Receiving below error while executing:
1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\s' at line 1"
I'm stuck. I've been trying to insert a pdf file in to MySQL db but I can't. I've tried with mysql.connector and MySQLdb classes. I get nearly the same errors. I've read many posts about this issue. I tried commas, variables also. Here are my code and error;
import mysql.connector
db = mysql.connector.connect(host="127.0.0.1", user='root', password='masatablo', db='yukleme')
c = db.cursor()
acilacak_dosya = open("bizim.PDF", "rb")
yuklenecek_dosya = acilacak_dosya.read()
c.execute ("INSERT INTO pdfler (cizim) VALUES(%s)" %(yuklenecek_dosya))
db.commit()
db.close()
ERROR with mysql.connector:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'b'%PDF-1.4\r%\xe2\xe3\xcf\xd3\r\n4 0 obj\r<</Linearized 1/L 83892/O 6/E 79669/N ' at line 1
ERROR with MySQLdb:
_mysql_exceptions.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'b'%PDF-1.4\\r%\\xe2\\xe3\\xcf\\xd3\\r\\n4 0 obj\\r<</Linearized 1/L 83892/O 6/E 79669/N ' at line 1")
You'll need to use parameters, not string interpolation.
String interpolation with SQL is vulnerable to SQL injection attacks anyway.
c.execute("INSERT INTO pdfler (cizim) VALUES (%s)", (yuklenecek_dosya,))
I have a query that I can successfully run in the Microsoft SQL Server Management Studio app. It outputs data as I expected.
However, when I try to run the script via Python, it'll always throw an error.
I first created a generic sql reader function:
def sql_reader_single(qry_file, server_name, database):
server = db.connect(str('DRIVER={SQL Server};
SERVER='+server_name+';
DATABASE='+database+';'))
qry = open(qry_file, 'r').read()
data = pd.read_sql(qry, server)
return data
then I tried calling the above function to read my sql script:
dir = 'C:/Users/Documents/qry'
QryFile = os.path.join(dir, 'qry clean no comment.sql')
Data = sp.sql_reader_single(qry_file=QryFile, server_name='server1', database='db2')
And when I call the read.sql() function, I'd always get the following error:
': ('42000', "[42000] [Microsoft][ODBC SQL Server Driver][SQL Server]Incorrect syntax near 'l'. (102) (SQLExecDirectW)")
'1' is the last character in my query script.
So the error message is saying I have syntax error near the last character of my script.
Since the query does run successfully in SQL server studio, that eliminates the hypothesis that my query is in wrong syntax, which is what the error message suggests.
Here's a sample query that I tried running but would get the above error code:
SELECT distinct
[ShipmentId]
,shipmentstatus
FROM shipmentstatus
I also looked into many other links via Google search, but I am not getting any helpful tips. Any help is appreciated!
I have what would appear to be a straight forward insert statement for Oracle SQL. It works properly in Oracle SQL Developer but the same command will not work in Python, complaining about
cx_Oracle.DatabaseError: ORA-00933: SQL command not properly ended.
This happens on the line for the cursor.execute() call. The query itself is:
insert into TestNamesTable (TestName, TheUser, TheProject) values ('mytest.s', 'bjurasz', 'Beta');
If run in SQL Developer I get a new row. Inside Python I get the termination error. From what I can tell its properly formed and terminated.
Here is how I construct the query in python:
sql = "insert into TestNamesTable (TestName, TheUser, TheProject) values ('%s', '%s', '%s');" % (diagname, username, project)
print sql
cursor.execute(sql)
connection.commit()
Try this:
# These are just random definitions, must be of type table requires
diagname = "DEFINE HERE"
username = "SOMEBODY"
project = "PROJECT NAME"
# Assuming you've defined your connection before
cursor.execute("""insert into TestNamesTable (TestName, TheUser, TheProject) values (:diagname, :username, :project)""",
{"diagname": diagname, #cx_Oracle likes this bind-variable looking syntax
"username": username.
"project": project})
connection.commit()
I have case :
import pymysql
conn = pymysql.connect(host='127.0.0.1', unix_socket='/opt/lampp/var/mysql/mysql.sock', user='root', passwd=None, db='test')
cur = conn.cursor()
cur.execute("test < /mypath/test.sql")
cur.close()
conn.close()
I always get error :
1064 , "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'test < /mypath/test.sql' at line 1"
I tried to use source and it still failed. Did you know why?
Thank you.
Your error message says that the MySQL server can't understand
test < /mypath/test.sql' at line 1
If you're a long time *nix user, it seems intuitive that you should be able to use commands like this to pass various sorts of data streams to various programs. But that's not the way the Python sql API (or most language-specific) sql APIs works.
You need to pass a valid SQL query to the execute() method in the API, so the API can pass it to the database server. A vaild query will be something like INSERT or CREATE TABLE.
Look, the server might be on a different host machine, so telling the server to read from /mypath/test.sql is very likely a meaningless instruction to that server. Even if it did understand it, it might say File test.sql not found.
The mysql(1) command line client software package can read commands from files. Is that what you want?
>>> import MySQLdb
>>> db = MySQLdb.connect(host = 'demodb', user = 'root', passwd = 'root', db = 'mydb')
>>> cur = db.cursor()
>>> cur.execute('select * from mytable')
>>> rows = cur.fetchall()
Install MySQL-Python package to use MySQLdb.