我正在尝试通过python脚本运行MySQL查询,并不断在我的SQL语法中出现错误,从中我可以看到查询设置正确。有人可以再请我看一下吗?
conn = mysql.connector.connect(**config)
connect = conn.cursor()
query = u'INSERT INTO page_load_times (self, object_id, page_header, elapsed_time, date_run) ' \
'VALUES ({}, {}, {}, {}, {})'.format(self, self.object_id, self.page_header, t.interval, timestamp)
connect.execute(query)
conn.commit()
conn.close()
我收到的错误如下:
ProgrammingError: 1064 (42000): You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right
syntax to use near '13:56:17.491000)' at line 1
不要通过字符串格式传递查询参数。
让mysql客户端通过将参数传递到查询的第二个参数中来完成这项工作execute()
。除了在引号和数据类型转换方面没有问题之外,您还可以避免sql注入风险:
query = """INSERT INTO
page_load_times
(self, object_id, page_header, elapsed_time, date_run)
VALUES
(%(self)s, %(object_id)s, %(page_header)s, %(interval)s, %(timestamp)s)"""
params = {'self': self,
'object_id': self.object_id,
'page_header': self.page_header,
'interval': t.interval,
'timestamp': timestamp}
connect.execute(query, params)
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句