Flask,并非在字符串格式化期间转换所有参数

时间:2015-10-28 16:46:37

标签: python mysql flask pythonanywhere

尝试为我的应用创建注册页面。我正在使用来自pythonanywhere.com的Flask框架和MySQL数据库。

@app.route('/register/', methods=["GET","POST"]) 
def register_page():
try:
    form = RegistrationForm(request.form)



    if request.method == "POST" and form.validate():
        email = form.email.data
        password = sha256_crypt.encrypt((str(form.password.data)))
        c, conn = connection()

        x = c.execute("SELECT * FROM users WHERE email = (%s)",
                      (email))

        if int(x) > 0:
            flash("That email adress is already in use.")
            return render_template('register.html', form=form)

        else:
            c.execute("INSERT INTO users (email, password) VALUES (%s, %s)",
                      (thwart(email),thwart(password)))

            conn.commit()
            flash("Thanks for registering!")
            c.close()
            conn.close()
            gc.collect()

            session['logged_in'] = True
            session['email'] = email

            return redirect(url_for('dashboard'))

    return render_template("sign-up.html", form=form)


except Exception as e:
    return(str(e))}

在运行时,我得到错误:并非在字符串格式化期间转换所有参数。 怎么解决?可能是本声明中的问题?

c.execute("INSERT INTO users (email, password) VALUES (%s, %s)", (thwart(email),thwart(password)))

1 个答案:

答案 0 :(得分:3)

将我之前的评论转换为答案,因为它似乎是正确的解决方案: - )

问题来自另一条线。你有这个:

        x = c.execute("SELECT * FROM users WHERE email = (%s)",
                      (email))

这不符合您的想法。将email放在括号中什么都不做,所以该行实际上等同于在字符列表中传入该变量中的任何内容的每个字符。相反,如果你这样做:

        x = c.execute("SELECT * FROM users WHERE email = (%s)",
                      (email,))

...然后你将传入一个包含一个项目email的元组,它应该会更好。