SyntaxFix

[python] Python MYSQL update statement

I'm trying to get this Python MYSQL update statement correct(With Variables):

cursor.execute ("UPDATE tblTableName SET Year=%s" % Year ", Month=%s" % Month ", Day=%s" % Day ", Hour=%s" % Hour ", Minute=%s" Minute "WHERE Server=%s " % ServerID)

Any ideas where I'm going wrong?

This question is related to python mysql mysql-python sql-parametrized-query

The answer is

It should be:

cursor.execute ("""
   UPDATE tblTableName
   SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s
   WHERE Server=%s
""", (Year, Month, Day, Hour, Minute, ServerID))

You can also do it with basic string manipulation,

cursor.execute ("UPDATE tblTableName SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s WHERE Server='%s' " % (Year, Month, Day, Hour, Minute, ServerID))

but this way is discouraged because it leaves you open for SQL Injection. As it's so easy (and similar) to do it the right waytm. Do it correctly.

The only thing you should be careful, is that some database backends don't follow the same convention for string replacement (SQLite comes to mind).

Here is the correct way:

import MySQLdb

if __name__ == '__main__':
    connect = MySQLdb.connect(host="localhost", port=3306,
                              user="xxx", passwd="xxx", db='xxx', charset='utf8')

    cursor = connect.cursor()

    cursor.execute("""
       UPDATE tblTableName
       SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s
       WHERE Server=%s
    """, (Year, Month, Day, Hour, Minute, ServerID))

    connect.commit()
    connect.close()

P.S. Don't forget connect.commit(), or it won't work

Neither of them worked for me for some reason.

I figured it out that for some reason python doesn't read %s. So use (?) instead of %S in you SQL Code.

And finally this worked for me.

   cursor.execute ("update tablename set columnName = (?) where ID = (?) ",("test4","4"))
   connect.commit()

You've got the syntax all wrong:

cursor.execute ("""
   UPDATE tblTableName
   SET Year=%s, Month=%s, Day=%s, Hour=%s, Minute=%s
   WHERE Server=%s
""", (Year, Month, Day, Hour, Minute, ServerID))

For more, read the documentation.

@Esteban Küber is absolutely right.

Maybe one additional hint for bloody beginners like me. If you speciify the variables with %s, you have to follow this principle for EVERY input value, which means for the SET-variables as well as for the WHERE-variables.

Otherwise, you will have to face a termination message like 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%s WHERE'

Source: Stackoverflow.com

Examples related to python

programming a servo thru a barometer Is there a way to view two blocks of code from the same file simultaneously in Sublime Text? python variable NameError Why my regexp for hyphenated words doesn't work? Comparing a variable with a string python not working when redirecting from bash script is it possible to add colors to python output? Get Public URL for File - Google Cloud Storage - App Engine (Python) Real time face detection OpenCV, Python xlrd.biffh.XLRDError: Excel xlsx file; not supported Could not load dynamic library 'cudart64_101.dll' on tensorflow CPU-only installation

Examples related to mysql

Implement specialization in ER diagram How to post query parameters with Axios? PHP with MySQL 8.0+ error: The server requested authentication method unknown to the client Loading class `com.mysql.jdbc.Driver'. This is deprecated. The new driver class is `com.mysql.cj.jdbc.Driver' phpMyAdmin - Error > Incorrect format parameter? Authentication plugin 'caching_sha2_password' is not supported How to resolve Unable to load authentication plugin 'caching_sha2_password' issue Connection Java-MySql : Public Key Retrieval is not allowed How to grant all privileges to root user in MySQL 8.0 MySQL 8.0 - Client does not support authentication protocol requested by server; consider upgrading MySQL client

Examples related to mysql-python

mysql-python install error: Cannot open include file 'config-win.h' Python 3.4.0 with MySQL database ImportError: No module named MySQLdb Install mysql-python (Windows) IndexError: tuple index out of range ----- Python cursor.fetchall() vs list(cursor) in Python How to insert pandas dataframe via mysqldb into database? Visibility of global variables in imported modules Replacing Pandas or Numpy Nan with a None to use with MysqlDB mysql_config not found when installing mysqldb python interface

Examples related to sql-parametrized-query

In PHP with PDO, how to check the final SQL parametrized query? Python MYSQL update statement

Tags

Buildengine Shim Jboss-rules Configure Editing Air2 External-display Fseek Double-quotes Memoization Column-alias Precompiler Compositeusertype Backtracking Manpage Javapos Multivariate-testing Content-management-system Datagridtemplatecolumn Back Smart-device Indy-9 Transducer Uplevel Ejbql Fragmentation Getattr Simulate Enterprise-integration Perl-hash Size-t Overlay-icon-disappear Import-from-excel Grails-validation Coordinate-transformation Opcodes Ontouchlistener Viewstate Dynamic-usercontrols Plasma Resolveassemblyreference Emacspeak Web-architecture Soaplite File Motordriver Fieldinfo Operation God-object Filter-var Dotfuscator Mod-python Plyr Group-policy Episerver-6 Python-sphinx Is-empty Sapb1 Ssrs-grouping Input-type-file Whenever Modernizr Datarepeater Spss Raw-data Multi-user Wowza Video4linux Dynamic-keyword Structural-typing Unmanaged-memory Primary-interop-assembly Math.sqrt Application-design Alias-method-chain Wolfram-mathematica Iphone-video Faultexception Speech-synthesis Appcelerator-mobile Index.dat Mknod Letters Reverse-engineering Quickbasic Mat-file Microstrategy Base32 Stdstring Privatefontcollection Calendar Slidedown Powerdesigner Rostering Flowplayer Custom-activity Click Packets Libvirt Uninstallation