I am trying to insert values to columns in a table of a sqlite3 DB
as follows:
c.execute("""CREATE TABLE IF NOT EXISTS keys(name TEXT, po TEXT, options TEXT, identifier TEXT, currtime TEXT)""")
c.execute('INSERT INTO keys VALUES ( ' + Customer_Name + ' , ' + Purchase_Order + ' , ' + options + ' , ' + UUID + ' , ' + currtime + ' )')
These arguments are actually passed from HTML front end. I convert them from unicode to string as follows:
options = str(request.form.get("Software_Options"))
UUID = str(request.form.get("UUID_Identifier"))
Customer_Name = str(request.form.get("Customer_Name"))
Purchase_Order = str(request.form.get("Purchase_Order"))
currtime= str(datetime.datetime.now())[:10]
If the are integers there is no error.
If the input is a string ( e.g. joseph) it gives the following error. Any idea why?
OperationalError: no such column: joseph
You seem to be obtaining the contents for one database record at a time from the web front-end. That being the case, you can build a record as a list and insert it in the database in the following way.
import sqlite3
conn = sqlite3 . connect ( 'db.sqlite' )
c = conn . cursor ( )
c.execute("""CREATE TABLE IF NOT EXISTS keys(name TEXT, po TEXT, options TEXT, identifier TEXT, currtime TEXT)""")
oneRecord = [ 'joe', 'DA123', 'nilbymouth', '0034', '1653', ]
c.execute('INSERT INTO keys VALUES (?,?,?,?,? )', oneRecord)
conn.close()
The use of this type of construction, involving the '?' character, is also considered safer that others against injection attacks.
Related
Python sqlite operation,SQL statement 'where field in (1,2)' syntax error
The error is:sqlite3.OperationalError: near ":id": syntax error
My search of the Official Python documentation and Google failed to find the answer:
https://docs.python.org/3/library/sqlite3.html
How should arguments be passed?
'''first create test.db:table and field
CREATE TABLE test_tab (
id INTEGER PRIMARY KEY ASC,
test_num INT,
test_field TEXT
);
'''
import sqlite3
con = sqlite3.connect('test.db')
con.set_trace_callback(print) # start the debug
d = [
(111,'aaa'),
(111,'bbb'),
(111,'ccc'),
(444,'ddd')
]
sql = "insert into `test_tab` (`test_num`, `test_field`) values (?,?)"
cursor = con.executemany(sql, d)
con.commit() # Execute successfully
#####################
# wrong code begin,why sql 'in ()' is wrong?
sql = "SELECT * from `test_tab` where `test_num`=:num AND `id` in :id"
par = {'num': 111, 'id': (1,2)} # The number of 'id' parameters is uncertain
x = con.execute(sql, par)
print(x.fetchall())
In the second query, you would need actually separate placeholders for every value in the IN clause. In addition, I would use ? here:
num = 111
ids = (1, 2)
par = (num,) + ids
sql = "select * from test_tab where test_num = ? AND id in "
in_clause = '(?' + ', ?'*(len(ids) - 1) + ')'
sql = sql + in_clause
x = con.execute(sql, par)
print(x.fetchall())
The SQL query generated by the above script is:
select * from test_tab where test_num = ? AND in (?, ?)
and we bind (111, 1, 2) to the three ? placeholders.
I have a database with a Table "Neon". I am trying to get all the keywords associated with the table "Neon" related to a search string.
Example:
Neon Records:
POLICY_NUM DAYS_TO_BOUND
0170254497 PL Rating
0755698054 PL Rating
1525668307 PL Rating
1525668312 Air
1525668314 Java
1525668356 Sand
and I have a search string
"Save the day by Sand and Java"
I want to get the results like
['Sand':'1525668356','Java':'1525668314']
Trails Done are connecting to Database and Extracting Table Data
import pandas as pd
import logging
import config
from sqlalchemy import create_engine # install mysqlConnector and PyMySql
def db_connection():
"""
:return:
"""
try:
engine = create_engine('mysql+pymysql://{0}:{1}#{2}/{3}'.format(config.database_config['user'],
config.database_config['password'],
config.database_config['host'],
config.database_config['database']))
return engine
except Exception as e:
logging.info(e)
finally:
pass
def extract_table(query):
"""
:param query:
:return:
"""
engine = db_connection()
sql_select_query = query
details = pd.read_sql(sql_select_query, engine)
return details
database_query = {
'select_query_for_data': 'select * from Neon'
}
Please let me know your thoughts on this.
Are you looking for this?
DECLARE #DataSource TABLE
(
[POLICY_NUM] VARCHAR(16)
,[DAYS_TO_BOUND] VARCHAR(16)
);
INSERT INTO #DataSource ([POLICY_NUM], [DAYS_TO_BOUND])
VALUES ('0170254497', 'PL Rating')
,('0755698054', 'PL Rating')
,('1525668307', 'PL Rating')
,('1525668312', 'Air')
,('1525668314', 'Java')
,('1525668356', 'Sand');
DECLARE #DataString VARCHAR(4000) = 'Save the day by Sand and Java';
DECLARE #DataStringXML XML = '<a>' + REPLACE(#DataString, ' ', '</a><a>') + '</a>';
WITH DataSource ([rowID], [rowValue]) AS
(
SELECT ROW_NUMBER() OVER (ORDER BY T.c ASC)
,T.c.value('.', 'VARCHAR(256)')
FROM #DataStringXML.nodes('a') T(c)
)
SELECT '[' + STUFF
(
(
SELECT ',' + '''' + V.[rowValue] + ''':''' + D.[POLICY_NUM] + ''''
FROM DataSource V
INNER JOIN #DataSource D
ON V.[rowValue] = D.[DAYS_TO_BOUND]
ORDER BY V.[rowID]
FOR XML PATH(''), TYPE
).value('.', 'VARCHAR(MAX)')
,1
,1
,''
) + ']'
it yields:
['Sand':'1525668356','Java':'1525668314']
Sorry. I am new to expressing SQL statement in Python.
I am trying to do "Select x .. " from previous result of query.
For example, I have a first query (sql1):
sql1 = 'select course_id, record_id from Courses ' \
' where ( record_id not in ("TEST", "TEST123")) '
cursor.execute(sql1)
e = cursor.fetachall()
When I tried to do it without breaking down queries, I got an error due to different data type.
Now, how do I go about selecting from sql1 (this time I have to add one calculation of data) ?
sql2 = ' select course_id, max(record_id) + 1 from ... ? '
make sql1 a subquery of sql2. For example:
"""select course_id, max(record_id) + 1 from
(select course_id, record_id from Courses
where record_id not in ('TEST', 'TEST123'))"""
You could use a view to store the query.
CREATE OR REPLACE VIEW v AS
select course_id, record_id from Courses
where ( record_id not in ("TEST", "TEST123"));
select course_id, max(record_id) + 1 from v;
With this you will need only one query with Python.
sql1 = 'CREATE OR REPLACE VIEW v AS
select course_id, record_id from Courses
where ( record_id not in ("TEST", "TEST123"));
select course_id, max(record_id) + 1 from v;'
cursor.execute(sql1)
e = cursor.fetachall()
More information about view: https://dev.mysql.com/doc/refman/5.7/en/create-view.html
I have written a small script to create a MySQL database, create a table (previously erase it if already exists), and insert many entries. When I execute my script, it works creating the database and table, but does not write any entry to the table:
from warnings import filterwarnings
import MySQLdb as db
filterwarnings('ignore', category = db.Warning)
try:
db_name = 'chom'
con = db.connect(user='user', passwd='pass')
cur = con.cursor()
# Create new database
cur.execute('CREATE DATABASE IF NOT EXISTS ' + db_name + ';')
# Create PARAMETERS table
cur.execute('DROP TABLE IF EXISTS ' + db_name + '.PARAMETERS;')
query = ('CREATE TABLE ' + db_name + '.PARAMETERS ('
'idPARAMETERS INT(10) NOT NULL AUTO_INCREMENT, '
'Param_name VARCHAR(30) NULL DEFAULT NULL, '
'Param_value VARCHAR(255) NULL DEFAULT NULL, '
'Timestamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP '
'ON UPDATE CURRENT_TIMESTAMP, '
'User_id VARCHAR(20) NULL DEFAULT NULL, '
'PRIMARY KEY (idPARAMETERS) );'
)
cur.execute(query)
# Insert entries
parameters = ['param1', 'param2', 'param3',
'param4']
for i, param_name in enumerate(parameters, start=1):
cur.execute('INSERT INTO ' + db_name + '.PARAMETERS '
'(idPARAMETERS, Param_name, Param_value, User_id) '
'VALUES (' + str(i) + ', %s, %s, %s);',
(param_name, '', 'user2#localhost'))
cur.close()
con.commit()
except Exception, e:
print 'Error. Last query: ' + str(cur._last_executed)
print e
print 'DB installation script finished'
I can't see where the problem is. Any idea?
The code worked correctly, it was mysql-workbench fault, which was not showing the correct database content (while mysql console client did).
I am trying to access SQL server 2008 R2 from Eclipse pydev ( python 3.2 ) on win7 .
I need to create a table on database.
The code can be run well. But, I cannot create tables in the database.
If I print the sql string and run the query from SQL server management studio, no problems.
import pyodbc
sql_strc = " IF OBJECT_ID(\'[my_db].[dbo].[my_table]\') IS NOT NULL \n"
sql_strc1 = " DROP TABLE [my_db].[dbo].[my_table] \n"
sql_stra = " CREATE TABLE [my_db].[dbo].[my_table] \n"
sql_stra1 = "(\n"
sql_stra1a = " person_id INT NOT NULL PRIMARY KEY, \n"
sql_stra1b = " value float NULL, \n"
sql_stra1r = "); \n"
sql_str_create_table = sql_strc + sql_strc1 + sql_stra + sql_stra1 + sql_stra1a + sql_stra1b + sql_stra1r
# create table
sql_str_connect_db = "DRIVER={SQL server};SERVER={my_db};DATABASE={my_table};UID=my_id; PWD=my_password"
cnxn = pyodbc.connect(sql_str_connect_db)
cursor = cnxn.cursor()
cursor.execute( sql_str_create_table)
Any help would be appreciated.
Thanks
Autocommit is off by default, add the following to commit your change:
cnxn.commit()
Some unsolicited advice for making your code more readable:
Remove unnecessary escape characters from SQL strings
Use triple-quote (""") syntax when defining multiline strings. Newline characters are preserved and don't need to be explicitly added.
Use keywords in the connect function call (this is trivial, but I think it makes formatting easier)
With these changes, your final code looks something like:
import pyodbc
sql = """
IF OBJECT_ID('[my_db].[dbo].[my_table]') IS NOT NULL
DROP TABLE [my_db].[dbo].[my_table]
CREATE TABLE [my_db].[dbo].[my_table]
(
person_id INT NOT NULL PRIMARY KEY,
value FLOAT NULL
)
"""
cnxn = pyodbc.connect(driver='{SQL Server}', server='server_name',
database='database_name', uid='uid', pwd='pwd')
cursor = cnxn.cursor()
# create table
cursor = cursor.execute(sql)
cnxn.commit()