Incorrect Number of Bindings Error with SQLite - python
A little background I am doing this in python 2.7 for the reason of Alexa Rank through SeoLib but am completely open to updating if that would help this issue or possibly solve future issues.
Now this program sorts through sites that I have in a predetermined csv that looks like the following:
site
00rbt.com
I am specifically getting the following error:
File "igorPanda.py", line 84, in <module>
update_site(site,cur_ip,cur_rank,cur_hash)
File "igorPanda.py", line 30, in update_site
(site))
sqlite3.ProgrammingError: Incorrect number of bindings supplied. The current statement uses 1, and there are 9 supplied.
Where this error is occuring is:
def update_site(site,cur_ip,cur_rank,cur_hash):
conn = sqlite3.connect('/root/Database/Sites.db')
cursor = conn.cursor()
with conn:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)",
(site))
record = cursor.fetchone()
if record[0] == 1:
cursor.execute("UPDATE sites SET cur_ip = ?, cur_rank = ?, cur_hash = ? WHERE site = ?",
(cur_ip,cur_rank,cur_hash,site))
else:
cursor.execute("INSERT into sites values (?,?,?,?,?,?,?,?)",
(site,cur_ip,None,cur_rank,None,None,cur_hash,None))
My entire code except imports is:
#Updates the DB
def update_site(site,cur_ip,cur_rank,cur_hash):
conn = sqlite3.connect('/root/Database/Sites.db')
cursor = conn.cursor()
with conn:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)",
(site))
record = cursor.fetchone()
if record[0] == 1:
cursor.execute("UPDATE sites SET cur_ip = ?, cur_rank = ?, cur_hash = ? WHERE site = ?",
(cur_ip,cur_rank,cur_hash,site))
else:
cursor.execute("INSERT into sites values (?,?,?,?,?,?,?,?)",
(site,cur_ip,None,cur_rank,None,None,cur_hash,None))
#Moves CSV for Historical Savings
bashmove = "mv top.csv /root/Desktop/scripts/results-igor/top-$(date +%m-%d-%Y).csv"
#Sets file with all sites to variable
filename='/root/Desktop/scripts/sorted.csv'
#Creates hash algorithm for later use
hasher = hashlib.sha256()
sess = requests.Session()
x = datetime.datetime.now()
date = x.strftime('%Y-%m-%d')
regex = r"^(?:https?:)?(?:\/\/)?(?:[^#\n]+#)?(?!www\.)?([^:\/\n]+)\w*\.\b(com|org|co|be|de|br|(\w+\b))" #regex to get stripepd website no https://www. or anything afte$
df = pd.DataFrame()
df = df.append(pd.read_csv(filename), ignore_index=True)
ip = "NOT FOUND"
for i in df.index:
#print(i)
site = df['site'][i]
try :
ip = socket.gethostbyname(site)
page = requests.get('http://' + df['site'][i], timeout=5)
hasher.update((page.text).encode('utf-8'))
except: #ignore errors if the site is bad
pass
try :
alexa_rank = seo.get_alexa('http://{}'.format(site)) #seolib gets the alexa ranking
#alexa_rank = None
except:
pass
site = site
cur_ip = ip
cur_rank = alexa_rank
cur_hash = hasher.hexdigest()
update_site(site,cur_ip,cur_rank,cur_hash)
rd = call(["/root/Desktop/scripts/./rDNSlookup.sh", site, ip]) #call bash script to get reverse DNS of ip
wi = call(["/root/Desktop/scripts/./whois.sh", site]) #call bash script to print host info
with open('/root/Desktop/scripts/IGOR_His/'+ date + 'sites.csv', 'a') as f:
print >> f, 'site: ',site,', ip: ',ip,', rank: ',alexa_rank, ', hash', cur_hash
shutil.copy("/root/Database/Sites.db", "/var/www/html/sites/Sites.db")
The table has the following columns:
site,cur_ip,prev_ip,cur_rank,prev_rank,play,cur_hash,prev_hash
TL;DR: use (site,)
In detail:
cursor.execute expects the second paramter to be an iterable.
When your code says:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", (site))
Then (site) is not a tuple - you probably meant to convert it to a tuple by wrapping it in ().
So what you meant/want is:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", (site,))
Notice the extra ,!
To avoid this tuple confusion, you can also use a list:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", [site])
The issue in even more detail:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", (site))
is the same as:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", site)
is the same (in your case) as:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", "00rbt.com")
The string 00rbt.com is used as iterable, and since it has 9 characters, you get the error:
sqlite3.ProgrammingError: Incorrect number of bindings supplied. The current statement uses 1, and there are 9 supplied.
You get this error, because here:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", (site))
you should pass, as the 2nd argumnet of execute() a tuple and not just a string.
This is easily fixed by adding a comma like this:
cursor.execute("SELECT EXISTS(SELECT * from sites WHERE site = ?)", (site,))
But, if your version of SQLite is 3.24.0+, you should consider taking a different approach by choosing UPSERT as the method to do what you want.
You want to insert a new row if the site value does not exist in the table or update the existing row if it does exist.
So, assuming there is already a unique constraint for the column site, you can do it more efficiently with:
sql = """
INSERT into sites values (?,?,?,?,?,?,?,?)
ON CONFLICT(site) DO UPDATE SET
cur_ip = EXCLUDED.cur_ip, cur_rank = EXCLUDED.cur_rank, cur_hash = EXCLUDED.cur_hash
"""
cursor.execute(sql, (site,cur_ip,None,cur_rank,None,None,cur_hash,None))
Related
sqlite3.OperationalError: incomplete input on my code
Can someone help me understand what's incomplete about my code, no matter what I try I keep getting the sqlite3.OperationalError: incomplete input. My code is
editor = Tk()
editor.title('Edit Record')
editor.geometry('400x400')
#Creating database
conn = sqlite3.connect('Student_info.db')
c = conn.cursor()
record_id = delete_box.get()
#Query the database
c.execute("SELECT * FROM Student_info WHERE oid ="+(record_id))<-----
records = c.fetchall()
The line that sublime is referring to is the one I've drawn an arrow to, if anyone could help that would be great!
Your syntax for execute() is off. You should be using a prepared statement as the first parameter, followed by a tuple of parameters as the second function parameter:
record_id = delete_box.get()
c.execute("SELECT * FROM Student_info WHERE oid = %s", (record_id,))
records = c.fetchall()
Transfering Data in MS Access Using Python
I have an ever growing and changing database that reflects a permits passed by the State and EPA.
As the database changes and updates I need to transfer the relevant information.
The script does two things; first it checks which fields are the same and creates a list of fields and data that will be inserted into the new database. Second to insert the data into the new database.
Problem is I cannot get it to insert. I have matched everything like it says online in various ways but i get error ('42000', '[42000] [Microsoft][ODBC Microsoft Access Driver] Syntax error in INSERT INTO statement. (-3502) (SQLExecDirectW)').
I cannot figure out how to prevent it.
Code:
import pyodbc
importDatabase = r"J:\ENVIRO FIELD\AccessDatabases\MS4\MS4 Town Databases\~Template\MS4_Apocalypse Import DEV 1.accdb"
"Create the Import Database Connection"
connectionImport = pyodbc.connect(r'Driver={Microsoft Access Driver (*.mdb, *.accdb)};DBQ=%s;' %(importDatabase))
cursorImport = connectionImport.cursor()
"####---Outfall Section---####"
"Import the outfall names into the new database"
tbl = "tbl_Outfall_1_Profile"
exportList = []
importList = []
for row in cursorImport.columns(table = "tblExportMigration_Outfall_1_Profile"):
field = row.column_name
exportList.append(field)
for row in cursorImport.columns(table = "tbl_Outfall_1_Profile"):
field = row.column_name
importList.append(field)
matchingList = []
for field in exportList:
if field != "outfallID":
if field in importList:
matchingList.append(field)
else:
continue
sqlValue = ""
for field in matchingList:
sqlValue += "[%s], " %(field)
sqlValue = sqlValue[:-2]
sql = "SELECT %s from %s" %(sqlValue, "tblExportMigration_Outfall_1_Profile")
for rowA in cursorImport.execute(sql):
tupleList = list(rowA)
tupleList = ["" if i == None else i for i in tupleList]
tupleValues = tuple(tupleList)
sqlUpdate = """INSERT INTO tbl_Outfall_1_Profile (%s) Values %s;""" %(sqlValue, tupleValues)
cursorImport.execute(sqlUpdate)
cursorImport.close()
This is the sql string I create
"INSERT INTO tbl_Outfall_1_Profile ([profile_OutfallName], [profile_HistoricalName1], [profile_HistoricalName2], [profile_HistoricalName3], [profile_HistoricalName4]) Values ('756', '', '', '', '');"
Taking what #Gord Thompson said I was actually able to create a dynamic parameter flow First created a module to create the ? def Defining_Paramters(length): parameterString = "" for x in range(1,length): parameterString += "?, " parameterString += "?" return parameterString Then stuck it into the string for the sql update sqlUpdate = sqlUpdate = "INSERT INTO %s (%s) Values (%s);" %(table, sqlFrameworkSubStr, parameters) Run the cursor and commit it cursorTo.execute(sqlUpdate, (dataTuple)) connectionTo.commit() It would seem that you have to create the query in its entirety then have your data in tuple format for entry
This is the sql string [I think] I create Try this: sqlUpdate = """INSERT INTO tbl_Outfall_1_Profile (%s) Values (%s);""" %(sqlValue, tupleValues) or perhaps: sqlUpdate = "INSERT INTO tbl_Outfall_1_Profile (%s) Values (%s);" %(sqlValue, tupleValues)
How to use place holders in tkinter sqlite
I have a program with a sqlite database and I'm trying to update a record by using place holders. I'm not sure why but I'm getting the following error: TypeError: function takes at most 2 arguments (3 given)
So here is a sample of my code if anyone can figure out what I'm doing wrong.
conn = sqlite3.connect('roominventory.db')
c = conn.cursor()
c.execute("SELECT * FROM rooms")
records = c.fetchall()
for record in records:
if record[0] == roomget:
break
t = ("N",)
rm = (roomget,)
c.execute("UPDATE rooms SET vacant = ? WHERE number = ?", t, rm)
c.fetchall()
conn.commit()
conn.close()
You should use tuple:
t = "N"
rm = roomget
c.execute("UPDATE rooms SET vacant = ? WHERE number = ?", (t, rm))
# c.fetchall() # should not call it here
conn.commit()
conn.close()
In your update query, I think if you do like this it should work. t = "N" rm = roomget query = "UPDATE rooms SET vacant = ? WHERE number = ?", (t, rm) c.execute(*query) # c.fetchall() # should not call it here conn.commit() conn.close() This is because of at the time of executing query it will be parsed and need to unpack the tuple. Let me know if works.
How do you read individual values from the same row in a database with sqlite?
I am attempting to read 2 values from the same row in a database but I am only good enough to read the entire line at once. I have added all the code that I think will be relevant:
def find(search, term):
# Helper function for the find function.
with connect("GTINb.db") as db:
cursor = db.cursor()
sql = "select * from GTINb where {} = ?".format(search)
cursor.execute(sql,(term,))
db.commit()
results = cursor.fetchall()
new = str(term)
if results:
results = str(results)
temp = open('temp.txt', 'a')
temp.write(results)
temp.write('\n')
temp.close()
with connect("GTINb.db") as db:
cursor.execute("UPDATE GTINb SET stockcur=stockcur-1 WHERE GTIN8=(?)",(new,))
cur = cursor.execute("SELECT stockcur from GTINb by (?)",(new,))
re = cursor.execute("SELECT restock from GTINb by (?)",(new,))
if cur < re:
cursor.execute("UPDATE GTINb SET stockcur=stockcur+10 WHERE GTIN8=(?)",(new,))
return print('More stock has been ordered in as stocks were low')
else:
return
else:
temp = open('temp.txt', 'a')
temp.write('Product not found')
temp.write('\n')
temp.close()
return
I am currently getting the error sqlite3.OperationalError: near "(": syntax error, and have tried replacing the '(?)' with %s, (%s) and ? with no success, coming up with the following error messages:
sqlite3.OperationalError: near "12345670": syntax error // where 12345670 was the input represented by new
sqlite3.OperationalError: near "(": syntax error
sqlite3.OperationalError: near "?": syntax error
Is there another way of doing this or have I made a simple mistake?
None of the SQL statements you've written are valid SQL. Please consult the SQLite documentation for the valid syntax. Briefly: UPDATE GTINb SET stockcur=stockcur-1 WHERE GTIN8=(?) SELECT stockcur from GTINb by (?) SELECT restock from GTINb by (?) should be UPDATE GTINb SET stockcur=stockcur-1 WHERE GTIN8 = ? SELECT stockcur FROM GTINb WHERE GTIN8 = ? SELECT restock FROM GTINb WHERE GTIN8 = ? although the first one will probably execute with the unneeded parentheses. Once you have your SQL working you will find that the second two statements can be combined into SELECT stockcur, restock FROM GTINb WHERE GTIN8 = ? which I believe is what you were asking about.
Using SQL Server stored procedures from Python (pyodbc)
I'm have a stored procedure, code: DECLARE #RC int DECLARE #id varchar(13) DECLARE #pw varchar(13) DECLARE #depart varchar(32) DECLARE #class varchar(12) DECLARE #name varchar(12) DECLARE #birthday varchar(10) DECLARE #grade int DECLARE #subgrade int SELECT #id = 'test' SELECT #pw = '12345' SELECT #depart = 'none' SELECT #class = 'GM' SELECT #name = 'name' SELECT #birthday = 'None' SELECT #grade = 3 SELECT #subgrade = 2 EXEC #RC = [my_database].[dbo].[my_table] #id, #pw, #depart, #class, #name, #birthday, #grade, #subgrade DECLARE #PrnLine nvarchar(4000) PRINT 'Stored Procedure: my_database.dbo.my_table' SELECT #PrnLine = ' Return Code = ' + CONVERT(nvarchar, #RC) How i can make a raw sql query to create account using this procedure? I'm using flask and pyodbc.
From the pyodbc documentation
To call a stored procedure right now, pass the call to the execute method using either a format your database recognizes or using the ODBC call escape format. (The ODBC driver will then reformat the call for you to match the given database.)
For SQL Server you would use something like this:
# SQL Server format
cursor.execute("exec sp_dosomething(123, 'abc')")
# ODBC format
cursor.execute("{call sp_dosomething(123, 'abc')}")
So to call your procedure
id_ = 'test'
pw = '12345'
depart = 'none'
class_ = 'GM'
name = 'name'
birthday = 'None'
grade = 3
subgrade = 2
sql = 'exec [my_database].[dbo].[my_table](?, ?, ?, ?, ?, ?, ?, ?)'
values = (id_, pw, depart, class_, name, birthday, grade, subgrade)
cursor.execute(sql, (values))
The accepted answer does not address the issue of capturing the return value from the stored procedure, which can be done like this: id_ = 'test' pw = '12345' depart = 'none' class_ = 'GM' name = 'name' birthday = 'None' grade = 3 subgrade = 2 sql = """\ SET NOCOUNT ON; DECLARE #RC int; EXEC #RC = [my_database].[dbo].[my_sp] ?, ?, ?, ?, ?, ?, ?, ?; SELECT #RC AS rc; """ values = (id_, pw, depart, class_, name, birthday, grade, subgrade) cursor.execute(sql, values) rc = cursor.fetchval() # pyodbc convenience method similar to cursor.fetchone()[0]
Don't forget SET NOCOUNT ON in your stored procedure.
Another flavour of Gord's answer is using OUTPUT and named parameters (to be defined within the Stored procedure) for clarity. id_ = 'test' pw = '12345' depart = 'none' class_ = 'GM' name = 'name' birthday = 'None' grade = 3 subgrade = 2 sql = """\ DECLARE #RC int; EXEC [my_database].[dbo].[my_sp] #RC OUTPUT, #id_=?, #pw=?, #depart=?, #class_=?, #name=?, #birthday=?, #grade=?, #subgrade=?; SELECT #RC AS rc; """ values = (id_, pw, depart, class_, name, birthday, grade, subgrade) cursor.execute(sql, values) rc = cursor.fetchval()
With a cursor initialized by your connection, the sp can be called directly as follow sql = " exec your_SP #codemp = ?, #fecha = ? " prm = (dict['param1'], dict['param2']) cursor.execute(qry, params)
After searching everywhere for this solution, i couldnt find a simplified version. All results seem to overcomplicate this that should be so easy to do. Heres my solution.
import pyodbc
import pandas as pd
import datetime as d
conn = pyodbc.connect('Driver=;'
'Server=;'
'Database=;'
'UID=;'
'PWD=;')
# define parameters to be passed in and out
quarter_date = d.date(year=2020, month=10, day=1)
SQL = r'exec TERRITORIES_SP #quarterStart = ' + "'" + str(quarter_date) + "'"
print(SQL)
try:
cursor = conn.cursor()
cursor.execute(SQL)
cursor.close()
conn.commit()
finally:
conn.close()
For MSSQL the correct format is this: SQL = 'exec sp_UpdateUserGoogleAuthenticated ''?'', ''?''' Try running the Stored Procedure in MSSQL in the SQL Query window and it will fail every time with () surrounding the ? marks. If you escape the single quotes it will allow for variables with spaces in them.