Python cx_oracle变量
[英]Python cx_oracle variables
问题描述
try:
for row in data:
id = row[0]
name= row[1]
b.execute("INSERT INTO NAME (NUMBER, NAME, ID) VALUES (1, %s, %s)" %(name, id))
conn.commit()
except: #rest code
I can not add values to the database (as much as I understand it is because of the name variable), I always receive this error: ORA-00936: missing expression . 
我无法将值添加到数据库(据我所知,这完全是由于name变量所致 ),我始终会收到此错误: ORA-00936:缺少表达式 。 What is wrong in my code? 我的代码有什么问题? How should i specify parameter correctly? 我应该如何正确指定参数?
1 个解决方案
解决方案1
1 2016-07-21 12:55:29
Use bind variables instead. 请改用绑定变量。 Do not use %s and put the parameter directly in the string as this leads to possible SQL injection, not to mention quoting issues. 不要使用%s并将参数直接放在字符串中,因为这可能导致SQL注入,更不用说引用问题了。 This method permits passing any legal value without having to worry about such things! 此方法允许传递任何法律价值,而不必担心此类事情!
try:
for row in data:
id = row[0]
name= row[1]
b.execute("INSERT INTO NAME (NUMBER, NAME, ID) VALUES (1, :1, :2)",
(name, id))
conn.commit()
except:
# rest code
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.