
Python: Iterating through MySQL columns

I'm wondering if you can help me. I'm trying to change the value in each column if the text matches a corresponding keyword. This is the loop:

for i in range(0, 20, 1):
    cur.execute("UPDATE table SET %s = 1 WHERE text rlike %s") %(column_names[i], search_terms[i])

The MySQL command works fine on its own, but not when I put it in the loop. It's giving an error at the first %s.

Does anyone have any insights?

This is the error:

_mysql_exceptions.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s = 1 WHERE text rlike %s' at line 1")

Column names look like

column_names = ["col1","col2","col3"...]

Search terms look like

search_terms = ["'(^| |.|-)word1[;:,. ?-]'","'(^| |.|-)word2[;:,. ?-]'",...]

Missing quotes and wrong parenthesis placement...

for i in range(0, 20, 1):
    cur.execute("UPDATE table SET %s = 1 WHERE text rlike '%s'" %(column_names[i], search_terms[i]))
#                                                         ^  ^
#              (-----------------------------------------------------------------------------------)

Please note, this is not the right way of doing this if your string may itself contain quotes...

What about that instead:

for i in range(0, 20, 1):
    cur.execute("UPDATE table SET %s = 1 WHERE text rlike ?" % (column_names[i],),
                (search_terms[i],))

This uses the % operator to set the column name, but uses an execute parameter to bind the data, letting the DB driver escape all characters that need it.

The right way to do this is to give values to Python, which will quote things correctly.

Adapted from voyager's post:

for i in range(0, 20, 1):
    cur.execute("UPDATE table SET {} = 1 WHERE text rlike %s".format(column_names[i]),
                (search_terms[i],),
               )

In this case it's confusing because the column_name isn't a value, it's part of the table structure, so it's inserted using good old string formatting. The search_term is a value, so is passed to cursor.execute() for correct, safe quoting.

(Don't use string manipulation to add the quotes -- you're exposing yourself to SQL injection.)
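An added example, not part of any answer above: the column name cannot be bound as a parameter, so it is checked against a fixed allowlist before being formatted in, while the search term is always bound. Assumptions: `sqlite3` stands in for MySQL so the code runs offline (with MySQLdb the placeholder is `%s` and the operator is `RLIKE`); the table `posts`, `ALLOWED_COLUMNS`, `flag_matches` and the sample rows are constructed for illustration.

```python
import re
import sqlite3

# Assumption: the only columns the loop may touch (names from the question).
ALLOWED_COLUMNS = {"col1", "col2", "col3"}

def flag_matches(conn, column, pattern):
    """Set `column` = 1 on rows whose text matches `pattern`; return rows changed."""
    # Identifiers cannot be bound parameters, so accept only known names
    # before formatting one into the statement.
    if column not in ALLOWED_COLUMNS:
        raise ValueError("unexpected column name: %r" % (column,))
    # The pattern is data: it is bound by the driver, never formatted in.
    sql = 'UPDATE posts SET "{}" = 1 WHERE text REGEXP ?'.format(column)
    return conn.execute(sql, (pattern,)).rowcount

def demo():
    conn = sqlite3.connect(":memory:")
    # SQLite has no built-in REGEXP; "X REGEXP Y" calls regexp(Y, X).
    conn.create_function("regexp", 2,
                         lambda pat, s: re.search(pat, s) is not None)
    conn.execute("CREATE TABLE posts (text TEXT, col1 INT DEFAULT 0, "
                 "col2 INT DEFAULT 0, col3 INT DEFAULT 0)")
    # Constructed sample rows.
    conn.executemany("INSERT INTO posts (text) VALUES (?)",
                     [("a word1, here",), ("nothing",), ("it's word2.",)])
    results = {}
    results["col1"] = flag_matches(conn, "col1", r"(^| |\.|-)word1[;:,. ?-]")
    # A pattern containing a quote is plain data once it is bound.
    results["quote"] = flag_matches(conn, "col2", r"it's word2")
    try:
        # A column "name" carrying extra SQL never reaches the database.
        flag_matches(conn, "col1 = 1, col2", "x")
        results["rejected"] = False
    except ValueError:
        results["rejected"] = True
    results["rows"] = conn.execute(
        "SELECT col1, col2, col3 FROM posts").fetchall()
    return results

if __name__ == "__main__":
    print(demo())
```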
