Python、Tkinter:插入请求不起作用
[英]Python, Tkinter : insert request doesn't work
问题描述
i am beginner in python language and sql request.
我是 python 语言和 sql 请求的初学者。 I don't know why but this code doesn't work.我不知道为什么,但是这段代码不起作用。 It say that my request is not good.它说我的要求不好。 Is it because of type of my variable?是因为我的变量类型吗? I try several solutions and i saw that there is already several subjets related to my problem.我尝试了几种解决方案,发现已经有几个与我的问题相关的 subjets。 But i don't find solutions.但我找不到解决方案。
Code of my class ProviderWindow:我的 class ProviderWindow 的代码:
from tkinter import Tk, Label, Button, Entry, StringVar
from GeStock_2 import provider
class ProviderWindow(Tk):
def __init__(self):
super().__init__()
self.title("Provider")
self.widgets_provider()
def widgets_provider(self):
# Input field for the new provider.
name_provider = StringVar()
provider_field = Entry(self, textvariable=name_provider)
provider_field.grid(row=0, column=0)
# Button to add a new provider.
provider_add_button = Button(self, text="New provider")
provider_add_button.grid(row=1, column=0, sticky="nesw")
provider_add_button['command'] = lambda: call_function_insert_provider(name_provider)
def call_function_insert_provider(name_provider):
new_provider = provider.Provider(name_provider)
print(new_provider)
print(str(new_provider))
provider.Provider.insert_new_provider(new_provider)
Code of my class Provider:我的 class 提供程序的代码:
from GeStock_2 import utils
class Provider(object):
def __init__(self, name):
self.name = name
def insert_new_provider(self):
conn = utils.connection()
my_cursor = conn.cursor()
print(self.name)
print(str(self.name))
my_cursor.execute("INSERT INTO `provider` (`id_prov`, `name_prov`) VALUES (NULL, ('" + str(self.name) + "')")
cursor = my_cursor.fetchall()
conn.commit()
return cursor
Code of "utils": “实用程序”的代码:
import mysql.connector进口mysql.connector
def connection():
# function that to connect to database.
conn = mysql.connector.connect(user='root', password='', host='localhost', database='gestock_2')
return conn
Can you help me please?你能帮我吗? Thank you谢谢
1 个解决方案
解决方案1
1 2021-12-10 10:23:27
When you construct the INSERT SQL statement first and print it out, like below:当您首先构造 INSERT SQL 语句并将其打印出来时,如下所示:
sql = "INSERT INTO `provider` (`id_prov`, `name_prov`) VALUES (NULL, ('" + str(self.name) + "')"
print(sql)
Assume self.name has value David , then you will get from print(sql) as below:假设self.name的值为David ,那么您将从print(sql)获得如下:
INSERT INTO `provider` (`id_prov`, `name_prov`) VALUES (NULL, ('David')
There is extra ( after NULL, .还有额外的(在NULL, .
So the correct one is:所以正确的是:
sql = "INSERT INTO `provider` (`id_prov`, `name_prov`) VALUES (NULL, '" + str(self.name) + "')"
However it is better to use placeholders to avoid SQL injection:但是最好使用占位符来避免 SQL 注入:
sql = "INSERT INTO `provider` (`id_prov`, `name_prov`) VALUES (NULL, %s)"
my_cursor.execute(sql, (self.name,))
Update: Seems like self.name is a StringVar , so self.name.get() should be used instead:更新:似乎self.name是一个StringVar ,所以应该使用self.name.get() :
sql = "INSERT INTO `provider` (`id_prov`, `name_prov`) VALUES (NULL, %s)"
my_cursor.execute(sql, (self.name.get(),))
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.