I keep running into an error from the following statement:
cursor.execute("""INSERT into financial_statements (url)
VALUES (%s) WHERE provider=%s AND date=%s""", (url, provider, date))
The error I get is:
_mysql_exceptions.ProgrammingError: (1064, "You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right syntax to use near
'WHERE provider='ANGEL' AND date='2012-03-01'' at line 2")
You can't have a WHERE clause for an INSERT statement.
Maybe you meant to perform an UPDATE?
UPDATE financial_statements
SET url = %s
WHERE provider=%s AND date=%s
It makes no sense to use WHERE in an INSERT statement - there is nothing to restrict.
If you want to modify an existing row, use UPDATE:
UPDATE financial_statements SET url=%s WHERE provider=%s and DATE=%s
Related
I am having some trouble selecting from my database using python to execute a MySql query. I have tried two methods to achieve this, but both methods have returned the error shown below:
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s' at line 1
What Id like to do is return the row count (which is always zero or one) when a username parameter is passed. I have looked at other examples where people have had this issue but I cant find a good fix.
The first method I tried was this:
def check_data(username):
sql = """SELECT count(*) FROM tbl_user WHERE username = %s"""
mycursor.execute(sql, username)
#do something with the data
I then tried using SELECT (CASE WHEN (uname = %s) THEN TRUE ELSE FALSE END) AS IsEmtpy FROM tbl_user limit 1;
This works database side, but still throws the same error when run in the application. I tried wrapping the %s like '%s' but it didn't help.
Any suggestions?
You're missing enclosing the string between quotes (singles or doubles).
You can check the query you're executing by printing it before the mycursor.execute statement, but basically you're sending MySQL something like SELECT count(*) FROM tbl_user WHERE username = foobar.
Try fixing it with SELECT count(*) FROM tbl_user WHERE username = '%s'.
On a side note, your approach is vulnerable to SQL Injection. You should check the documentation of the tool you're using to connect to the DBMS for "prepared statements".
I'm working on a script that will pull data from a database using pymysql and a simple SELECT statement. I'm going to run this statement many times, so I was hoping to simplify things by putting it in a function and passing the column name, table name, where clause and value as arguments to the function.
def retrieve_value_from_db(connection,column_name,table_name,where_clause,where_value):
with connection:
with connection.cursor() as cursor:
sql = "SELECT %s FROM %s WHERE %s=%s"
logging.debug(cursor.mogrify(sql,(column_name,table_name,where_clause,where_value)))
cursor.execute(sql,(column_name,table_name,where_clause,where_value))
result = cursor.fetchone()
connection.commit()
return result
However calling the function below returns the following error
retrieve_value_from_db(connection,"last_name","mother_table","id","S50000")
pymysql.err.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''mother_table' WHERE 'id'='S50000'' at line 1")
Cursor.execute seems to be reading the quotation mark portion of the string, which is causing the programming error. So how do I pass a string argument to the function that cursor.execute can read? Is what I want to do even possible? Thanks in advance.
Perhaps surprisingly, you should not let the database substitution handle table names and column names. It tries to quote them as if they were fields, which is wrong.
sql = "SELECT %s FROM %s WHERE %s=%%s" % (column_name,table_name,where_clause)
...
cursor.execute(sql, (where_value,))
I'm using mysql with python, I got an error when using a bind varialbe. Actually I don't know how to use a bind variable. Please help me with my problem.
Here is my code:
iouNo=textiv1.get()
cursor.execute("UPDATE iou_table SET IOU_status=4 WHERE IOU_No= :iouNo",{'iouNo':iouNo})
mydb.commit()
This is the error I got
mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':'iouNo'' at line 1
I want to use the iouNo variable inside the SQL query... How can I do it?
You can read up on that iin the manual from MySQL.
%s is used as place holde.
If you only have one parameter or variable you still have tpo use a 2 dimensional tuple,
iouNo=textiv1.get()
cursor.execute("UPDATE iou_table SET IOU_status=4 WHERE IOU_No= %s;",(iouNo,))
mydb.commit()
I'm trying to insert variables as data into a database
I'm using this (part of it)
query = "INSERT INTO table_name (name) VALUES (%S)"
aa="naam"
cursor.execute(query,aa)
and everytime, I get the following error message:
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%S)' at line 1"
no matter what I try to do, I'm getting this message (put it in """, put () around it, ...)
Hope someone can help me
The format needs to be lowercase, so change the query into: query = "INSERT INTO table_name (name) VALUES (%s)".
I'm trying to use mysql 5.1 with python 2.6.6 and I'm getting the following error.
code :
query = "INSERT INTO present_list SET from='a', to='b'"
print query
cur.execute(query)
error :
Error 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from='a', to='b'' at line 1
Can somebody understand what is wrong ?
You need to use the backstroke in from and to like :
INSERT INTO present_list SET `from`='a', `to`='b
Since from is a keyword in mysql
Put a back strike before from. From is one of MySQL's reserved words
query = "INSERT INTO present_list (`from`, `to`) VALUES ('a', 'b')"
print query
cur.execute(query)
Please, learn SQL and Syntex then work on :
Your answer is:
For Insert Data into table
============================
query = "INSERT INTO present_list(from,to) values('a'.'b')";
print query
cur.execute(query)
For Update Data into table
============================
query = "Update present_list set from='a', to='b'";
print query
cur.execute(query)
from and to are mysql reserved words. So if you want to use them as normal names please use backtick(`) symbol around reserved word. For more info please goto
Select a column with a keyword name