使用python在mysql中插入字符串:未知列

时间:2018-11-01 20:25:38

标签: python mysql mysql-python

首先,我是一个初学者,我先感谢您的帮助:)

当我插入一个字符串时,它给我一个双引号或单引号错误。这仅在我调用我创建的函数insert()时发生。但是,当我只用数字代替那些不带引号的字符串时,它就起作用了。

import mysql.connector

conn = mysql.connector.connect(user="root",password='password',
       host='localhost',database='library',port='3306')
cur = conn.cursor()


def create_table():
    cur.execute("CREATE TABLE IF NOT EXISTS store 
               (id INT PRIMARY KEY, item VARCHAR(25), quantity INT, price REAL);")
    conn.commit()
    conn.close()


def insert(id, item, quantity, price):
    cur.execute("INSERT INTO store (id, quantity, price, item) 
                VALUES (%s, %s, %s, %s)" % (id, item, quantity, price))
    conn.commit()
    conn.close()



insert(50, 'test', 20, 10)

然后出现错误:

Traceback (most recent call last):
      File "C:\Program Files\Python36\lib\site- 
packages\mysql\connector\connection_cext.py", line 392, in cmd_query
        raw_as_string=raw_as_string)
    _mysql_connector.MySQLInterfaceError: Unknown column 'test' in 'field list'

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "C:\Users\Acer\Desktop\Remastered.py", line 128, in <module>
        insert(50, 'test', 20, 10)
      File "C:\Users\Acer\Desktop\Remastered.py", line 109, in insert
        cur.execute("INSERT INTO store (id, quantity, price, item) VALUES (%s, %s, %s, %s)" % (id, item, quantity, price))
      File "C:\Program Files\Python36\lib\site-packages\mysql\connector\cursor_cext.py", line 266, in execute
        raw_as_string=self._raw_as_string)
      File "C:\Program Files\Python36\lib\site-packages\mysql\connector\connection_cext.py", line 395, in cmd_query
        sqlstate=exc.sqlstate)
    mysql.connector.errors.ProgrammingError: 1054 (42S22): Unknown column 'test' in 'field list'
    [Finished in 0.8s with exit code 1]

2 个答案:

答案 0 :(得分:0)

您没有正确使用占位符功能。正确的行是:

cur.execute("INSERT INTO store (id, quantity, price, item) 
            VALUES (%s, %s, %s, %s)", (id, item, quantity, price))

请注意, %会造成严重的SQL injection bugs

您的查询被扩展为类似的内容:

INSERT INTO store (...) VALUES (1, test, 1, 1.0);

test部分未加引号,并且被视为可能的列名。

答案 1 :(得分:0)

您已经混合了insert语句中的列顺序,将“ INSERT INTO商店(id,数量,价格,商品)”更改为“ INSERT INTO商店(id,项目,数量,价格)”,请注意列的位置命名项目是!     导入mysql.connector

def create_table():
  cur.execute("CREATE TABLE IF NOT EXISTS store " \
           "(id INT PRIMARY KEY, item VARCHAR(25), quantity INT, price REAL);")
  conn.commit()
  return

def insert(id, item, quantity, price):
  cur.execute("INSERT INTO store (id, item, quantity, price)" \
            "VALUES (%s, '%s', %s, %s)" % (id, item, quantity, price))
  conn.commit()
  return

#
conn = mysql.connector.connect(user="root",
   host='localhost',database='DO',port='3306')
cur = conn.cursor()

create_table
insert(50, 'test', 20, 10)
insert(51, 'test', 20, 10)
insert(52, 'test', 20, 10)
conn.close()

从MySQL

mysql> select * from store;
+----+------+----------+-------+
| id | item | quantity | price |
+----+------+----------+-------+
| 50 | test |       20 |    10 |
| 51 | test |       20 |    10 |
| 52 | test |       20 |    10 |
+----+------+----------+-------+
3 rows in set (0.00 sec)

mysql>  INSERT INTO store (id, item, quantity, price) VALUES (53, 'test', 20, 10);
Query OK, 1 row affected (0.00 sec)

mysql> select * from store;
+----+------+----------+-------+
| id | item | quantity | price |
+----+------+----------+-------+
| 50 | test |       20 |    10 |
| 51 | test |       20 |    10 |
| 52 | test |       20 |    10 |
| 53 | test |       20 |    10 |
+----+------+----------+-------+
4 rows in set (0.00 sec)