Ada*_*nik 41 python mysql mysql-python sql-parametrized-query
我正在尝试使这个Python MYSQL更新语句正确(使用变量):
cursor.execute ("UPDATE tblTableName SET Year=%s" % Year ", Month=%s" % Month ", Day=%s" % Day ", Hour=%s" % Hour ", Minute=%s" Minute "WHERE Server=%s " % ServerID)
我出错的任何想法?
Est*_*ber 76
它应该是:
cursor.execute ("""
UPDATE tblTableName
SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s
WHERE Server=%s
""", (Year, Month, Day, Hour, Minute, ServerID))
你也可以用基本的字符串操作来做,
cursor.execute ("UPDATE tblTableName SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s WHERE Server='%s' " % (Year, Month, Day, Hour, Minute, ServerID))
但是这种方式是不鼓励的,因为它让你打开SQL注入.由于它是如此简单(以及类似)做了正确的方式TM.做得对.
唯一要注意的是,一些数据库后端不遵循相同的字符串替换约定(SQLite会想到).
Pao*_*ino 50
你的语法都错了:
cursor.execute ("""
UPDATE tblTableName
SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s
WHERE Server=%s
""", (Year, Month, Day, Hour, Minute, ServerID))
有关更多信息,请阅读文档.
Lit*_*oys 19
这是正确的方法:
import MySQLdb
if __name__ == '__main__':
connect = MySQLdb.connect(host="localhost", port=3306,
user="xxx", passwd="xxx", db='xxx', charset='utf8')
cursor = connect.cursor()
cursor.execute("""
UPDATE tblTableName
SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s
WHERE Server=%s
""", (Year, Month, Day, Hour, Minute, ServerID))
connect.commit()
connect.close()
PS不要忘记connect.commit(),否则它将无法正常工作
| 归档时间: |
|
| 查看次数: |
132243 次 |
| 最近记录: |