Inserting string in mysql using python: unknown column
Question
first of all i am a beginner, and i appreciate the help in advance :)
When i am inserting a string it is giving me an error double or single quotes.This only happens when im calling the function insert() i have created. But when i am just putting a number in replace of those strings without quotation marks it is working.
import mysql.connector
conn = mysql.connector.connect(user="root",password='password',
host='localhost',database='library',port='3306')
cur = conn.cursor()
def create_table():
cur.execute("CREATE TABLE IF NOT EXISTS store
(id INT PRIMARY KEY, item VARCHAR(25), quantity INT, price REAL);")
conn.commit()
conn.close()
def insert(id, item, quantity, price):
cur.execute("INSERT INTO store (id, quantity, price, item)
VALUES (%s, %s, %s, %s)" % (id, item, quantity, price))
conn.commit()
conn.close()
insert(50, 'test', 20, 10)
and then it is giving an error:
Traceback (most recent call last):
File "C:\Program Files\Python36\lib\site-
packages\mysql\connector\connection_cext.py", line 392, in cmd_query
raw_as_string=raw_as_string)
_mysql_connector.MySQLInterfaceError: Unknown column 'test' in 'field list'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Acer\Desktop\Remastered.py", line 128, in <module>
insert(50, 'test', 20, 10)
File "C:\Users\Acer\Desktop\Remastered.py", line 109, in insert
cur.execute("INSERT INTO store (id, quantity, price, item) VALUES (%s, %s, %s, %s)" % (id, item, quantity, price))
File "C:\Program Files\Python36\lib\site-packages\mysql\connector\cursor_cext.py", line 266, in execute
raw_as_string=self._raw_as_string)
File "C:\Program Files\Python36\lib\site-packages\mysql\connector\connection_cext.py", line 395, in cmd_query
sqlstate=exc.sqlstate)
mysql.connector.errors.ProgrammingError: 1054 (42S22): Unknown column 'test' in 'field list'
[Finished in 0.8s with exit code 1]
2 answers
solution1
0 ACCPTED 2018-11-02 00:04:22
You're not using the placeholder feature properly. The correct line is:
cur.execute("INSERT INTO store (id, quantity, price, item)
VALUES (%s, %s, %s, %s)", (id, item, quantity, price))
Note , and NOT % which creates serious SQL injection bugs .
Your query was being expanded to something like:
INSERT INTO store (...) VALUES (1, test, 1, 1.0);
Where the test part is not quoted at all and is treated as a possible column name.
solution2
0 2018-11-05 06:21:26
You have mixed up the order of columns in the insert statement, change "INSERT INTO store (id, quantity, price, item)" to "INSERT INTO store (id, item, quantity, price)", note where column named item is! import mysql.connector
def create_table():
cur.execute("CREATE TABLE IF NOT EXISTS store " \
"(id INT PRIMARY KEY, item VARCHAR(25), quantity INT, price REAL);")
conn.commit()
return
def insert(id, item, quantity, price):
cur.execute("INSERT INTO store (id, item, quantity, price)" \
"VALUES (%s, '%s', %s, %s)" % (id, item, quantity, price))
conn.commit()
return
#
conn = mysql.connector.connect(user="root",
host='localhost',database='DO',port='3306')
cur = conn.cursor()
create_table
insert(50, 'test', 20, 10)
insert(51, 'test', 20, 10)
insert(52, 'test', 20, 10)
conn.close()
from MySQL
mysql> select * from store;
+----+------+----------+-------+
| id | item | quantity | price |
+----+------+----------+-------+
| 50 | test | 20 | 10 |
| 51 | test | 20 | 10 |
| 52 | test | 20 | 10 |
+----+------+----------+-------+
3 rows in set (0.00 sec)
mysql> INSERT INTO store (id, item, quantity, price) VALUES (53, 'test', 20, 10);
Query OK, 1 row affected (0.00 sec)
mysql> select * from store;
+----+------+----------+-------+
| id | item | quantity | price |
+----+------+----------+-------+
| 50 | test | 20 | 10 |
| 51 | test | 20 | 10 |
| 52 | test | 20 | 10 |
| 53 | test | 20 | 10 |
+----+------+----------+-------+
4 rows in set (0.00 sec)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.