[英]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')
[英]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near \'keyword")\'
url = 'test.com///"asdasdasd'
name = "test"
formatURL = url.replace("//","/")
print(formatURL)
conn= db.cursor()
conn.execute("Insert Into website (URL,NAME) VALUES("{}","{}")".format(url,name))
data_base.commit()
很可能,替换操作未正确完成,我收到以下错误。
OUTPUT:
> test.com//"asdasdasd
> pymysql.err.ProgrammingError: (1064, 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near \'test")\' at line 1')
如何将所有“//”字符转换为“/”字符?
您弄乱了字符串的分隔符。 不要使用str.format()
将参数格式化为 sql 字符串,使用参数化查询:
conn.execute("Insert Into website (URL,NAME) VALUES( %s, %s)", (url,name))
这是混乱:
conn.execute("Insert Into website (URL,NAME) VALUES(" {} "," {} ")".format(url,name))
111111111111111111111111111111111111111 222 333
unrelated {} {}
所有1
都是一个字符串,所有2
都是另一个字符串,所有3
个都是第三个字符串。 两个{}
都是不相关的花括号(?),并且.format(url,name)
仅适用于不是有效格式字符串的")"
(又名3
)。
只需使用参数化查询——它们更安全、更容易:
来源: https://xkcd.com/327/ (许可证)
和许多语言的语法提示: https://bobby-tables.com/python
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.