mysql查询

mmvthczy  于 2021-06-17  发布在  Mysql
关注(0)|答案(1)|浏览(362)

我正在学习python编程,并尝试从简单的select查询开始实现最安全的mysql查询。问题是,每当我在查询中使用coma时,都会出现以下错误:

  1. cursor.execute(query)
  2.   File "C:\Users\username\AppData\Local\Programs\Python\Python37-32\lib\site-packages\mysql\connector\cursor.py", line 536, in execute
  3.     stmt = operation.encode(self._connection.python_charset)
  4. AttributeError: 'tuple' object has no attribute 'encode'

我知道coma本身并不是问题的根源,但我尝试了许多不同的mysql语法,每次使用come,我都会遇到“attributeerror:'tuple'object has no attribute'encode'”错误。
我还尝试更改mysql数据库编码-没有任何更改。代码如下。

  1. import mysql.connector
  3. conn = mysql.connector.connect(
  4.     charset='utf8',
  5.     # init_command='SET NAMES UTF8',
  6.     host="10.0.0.234",
  7.     user="x",
  8.     passwd="x>",
  9.     database="x",
  10. )
  12. print(conn.is_connected())
  14. param = "test"
  16. cursor = conn.cursor()
  18. # =========== query below does work ========
  20. # query = ("SELECT * from list WHERE username LIKE '%test%'")
  22. # ============ query below does work =======
  24. # query = ("SELECT * from list HAVING username = '%s'" % param)
  26. # ============ query below doesn't work =====
  28. # query = ("SELECT * from list HAVING username = %s", (param,))
  30. # ============= query below doesn't work =====
  32. query = "SELECT * from list WHERE username = :name", {'name': param}
  34. cursor.execute(query)
  35. result = cursor.fetchall()
  36. for x in result:
  37.     print(x)
  39. conn.close()

你知道我做错什么了吗?

mysqlpython

1条答案

按热度按时间
xqk2d5yq

xqk2d5yq1#

答案有点棘手,但本质上是因为“query”变量的实际值是什么。。。
例如:

  2. # 1.
  4. query = ("SELECT * from list WHERE username LIKE '%test%'")
  6. # when you do this, query is a string variable,
  8. # NB: the parentheses are not necessary here
  10. # so when you call
  12. cursor.execute(query)
  14. # the value passed into the execute call is the string "SELECT * from list WHERE username LIKE '%test%'"
  16. # 2.
  18. query = ("SELECT * from list HAVING username = '%s'" % param)
  20. # when you do this, query is the result of a string formatting operation
  22. # This is a Python 2 form of string formatting
  24. # The discussion here probably makes it more clear:
  26. # https://stackoverflow.com/questions/13945749/string-formatting-in-python-3
  28. # it is almost the same as doing this:
  30. query = "SELECT * from list HAVING username = 'test'"
  32. # so when you call
  34. cursor.execute(query)
  36. # the value passed into the execute call is the string "SELECT * from list HAVING username = 'test'"
  38. # 3.
  40. query = ("SELECT * from list HAVING username = %s", (param,))
  42. # This operation is assigning a 2-value tuple into the query variable
  44. # The first value in the tuple is the string "SELECT * from list HAVING username = %s"
  46. # The second value in the tuple is a 1-value, with 'test' as its first value
  48. # 4.
  50. query = "SELECT * from list WHERE username = :name", {'name': param}
  52. # This is similar to #3, but the values in the tuple are instead
  54. # query[0] == "SELECT * from list WHERE username = :name"
  56. # query[1] is a dictionary: {'name': param}

上面的3和4都没有调用mysql execute 使用您期望的参数(请参阅此处的api)。您可能需要执行以下操作之一:
将查询元组解压到单独的变量中,并用它们调用函数

  1. operation, params = query # unpack the first elem into operation, and second into params
  2. cursor.execute(operation, params)

只需索引到查询元组中

  1. cursor.execute(query[0], query[1])
  3. # NB: you could also use the 'named parameters' feature in Python
  5. cursor.execute(query[0], params=query[1])

使用“解包参数列表”(splat运算符)

  1. cursor.execute(*query)
展开查看全部
赞(0)分享  回复(0)举报  2021-06-17
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com