We Keep Coding

Executing multiple SQL queries with Python Flask

I have a python function which should execute 2 SQL queries. I have found that it is impossible to execute 2 queries in one command at once, so as a workaround I created a list of my queries and try to iterate over it with execute command. However nothing is added to MySQL table. Here is the code:
#app.route('/addComment', methods=['POST'])
def addComment():
try:
if session.get('user'):
_description = request.form['description']
_user = session.get('user')
_term_id = request.form['termID']
_time = datetime.now()
operation = ['"INSERT INTO comments (description, user, termID, time) VALUES (%s, %s, %s, %s)", (_description, _user, _term_id, _time)', '"INSERT INTO history (user, term, time) VALUES (%s, %s, %s)", (_user, _term_id, _time)']
conn = mysql.connect()
cursor = conn.cursor()
for item in operation:
cursor.execute()
conn.commit()
data = cursor.fetchall()
if len(data) == 0:
conn.commit()
return json.dumps({'status':'OK'})
else:
return json.dumps({'status':'ERROR'})
except Exception as e:
return json.dumps({'status':'Unauthorized access'})
finally:
cursor.close()
conn.close()
Could you please help me?

Errors in your code lies in the following areas:
A. On iteration sql statement is not passed to execute()
Should be:
for item in operation:
cursor.execute(item)
conn.commit()
B. Invalid parameterization
'"INSERT INTO comments (description, user, termID, time) VALUES (%s, %s, %s, %s)", (_description, _user, _term_id, _time)'
This string statement doesn't apply variables to SQL statement string. Depending on your value types you should decide whether to add ' (apostrophe) or not. More safely would be to pass parameters to .execute() function. Example below.
cursor.execute(
"INSERT INTO comments (description, user, termID, time) VALUES (:description, :user, :term_id, :time)",
description=_description,
user=_user,
term_id=_term_id,
time=_time
)

Using Python to Import CSV to a MySQL table

I can not execute a Python file to import CSV file to MySQL table.
import csv
import mysql.connector
mydb = mysql.connector.connect(
host='localhost',
user='root',
passwd='',
database='ricoh_oms'
)
cursor = mydb.cursor()
csv_data = csv.reader(open("slv_internal.csv"))
for row in csv_data:
cursor.execute("INSERT INTO slv_internal (GID, FullName, CostCenter) VALUES (%s, %s, %s)")
mydb.commit()
cursor.close()
print("Done")
I am newbie and dont understand the meaning of marker %s in the error. Thansk for your help. The error is:
Error:
"mysql.connector.errors.ProgrammingError: 1064 (42000): You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '%s, %s, %s)' at
line 1"

you are trying to Execute Parameterized Query
Example:
insert_stmt = (
"INSERT INTO employees (emp_no, first_name, last_name, hire_date) "
"VALUES (%s, %s, %s, %s)"
)
data = (2, 'Jane', 'Doe', datetime.date(2012, 3, 23))
cursor.execute(insert_stmt, data)
in code you are missing parameters:
cursor.execute("INSERT INTO slv_internal (GID, FullName, CostCenter) VALUES (%s, %s, %s)", ("value1","value2","value3"))
some documentation:
https://dev.mysql.com/doc/connector-python/en/connector-python-api-mysqlcursor-execute.html

%s set correctly but PyMySQL still complaining about %d

I am new to Python and am trying to create a form that will save the data to a DB via PyMySQL, but I'm having an issue connecting to the DB. I have followed an example code (my version is below) and checked all syntax and speech marks thoroughly but am still getting the following error.
File "c:\Users\Nimrod\Nimrod Dropbox\Dropbox\Nimrodsky\Python\Adiabatic Equation\DB connect with PyMySQL.py", line 10, in <module> charset='utf8')
File "C:\ProgramData\Anaconda3\lib\site-packages\pymysql\__init__.py", line 90, in Connect return Connection(*args, **kwargs)
File "C:\ProgramData\Anaconda3\lib\site-packages\pymysql\connections.py", line 706, in __init__ self.connect()
File "C:\ProgramData\Anaconda3\lib\site-packages\pymysql\connections.py", line 922, in connect self.host_info = "socket %s:%d" % (self.host, self.port)
TypeError: %d format: a number is required, not str
import pymysql
import pymysql.cursors
# Connect to the database
connection = pymysql.connect(host='sql8.freesqldatabase.com',
port='3306',
user='********',
password='**********',
db='*********',
charset='utf8')
try:
with connection.cursor() as cursor:
# Create a new record
sql = "INSERT INTO `client` (`ID`, `client_name`, `client_address_1`, `client_address_2`, `client_address_3`, `client_postcode`, `occupier_name`, `install_address_1`, `install_address_2`, `install_address_3`, `install_postcode`) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)"
cursor.execute(sql, ('1', 'Terry Jones', '10 DOwning Street', 'Guildford','Surrey', 'GU1 5HA', 'Paul Smith', 'Wimbledon Hill', 'Wimbledon', 'London', 'SW19 5QT'))
#connection is not autocommit by default. So you must commit to save
#your changes.
connection.commit()
with connection.cursor() as cursor:
# Read a single record
sql = "SELECT `id`, `occupier_name` FROM `client` WHERE `client_name`=%s"
cursor.execute(sql, ('Terry Jones',))
result = cursor.fetchone()
print (result)
finally:
connection.close

Port must be an integer: port=3306.

MySQLdb: Operand should contain 1 column(s)

I am trying to insert some data into a MySQL database, using Python and MySQLdb. When I execute the following function in my program, MySQL returns error "1241, 'Operand should contain 1 column(s)'"
User, password and database are correct, the table is existing and all rights are granted.
def write_to_mysql(pname, dat, like, reachs, talker, friendsfans):
''
try:
con = mdb.connect(user='user', passwd='password', host='localhost', db='database');
except Exception. err:
print(err)
with con:
cur = con.cursor()
cur.execute("INSERT INTO fbinsights (page, datum, likes, reach, talking, fanfriends) VALUES( %s, %s, %s, %s, %s, %s)", (pname, dat, like, reachs, talker, friendsfans))
connection.commit()
Where's the mistake?
Full traceback:
File "insights.py", line 111, in <module>
main()
File "insights.py", line 108, in main
write_to_mysql(PAGE_NAME, date, likes_atm, reach_day, talking_day, friends_of_fans)
File "insights.py", line 90, in write_to_mysql
cur.execute("INSERT INTO fbinsights (page, datum, likes, reach, talking, fanfriends) VALUES( %s, %s, %s, %s, %s, %s)", (pname, dat, like, reachs, talker, friendsfans))
File "/usr/local/lib/python2.7/site-packages/MySQL_python-1.2.3-py2.7-freebsd-9.0-RELEASE-p3-amd64.egg/MySQLdb/cursors.py", line 174, in execute
self.errorhandler(self, exc, value)
File "/usr/local/lib/python2.7/site-packages/MySQL_python-1.2.3-py2.7-freebsd-9.0-RELEASE-p3-amd64.egg/MySQLdb/connections.py", line 36, in defaulterrorhandler
raise errorclass, errorvalue
_mysql_exceptions.OperationalError: (1241, 'Operand should contain 1 column(s)')

#schlamar answered it. Wrong types passed to MySQL.

I had this error when I was generating a SELECT query with columns to select enclosed (by mistake) in parentheses: SELECT (id, name, age) FROM members;
Note that it does not raise this error if you have just one column listed in parentheses.

I would like some advice why this would not insert data into my SQL table

Following is my code:
import MySQLdb
def insert_popularity(PersonNumber, Category, Value):
# make a connection to the dataabse
connection = MySQLdb.connect(host='localhost', user='root', \
passwd='password', db='inb104')
# get a cursor on the database
cursor = connection.cursor()
# construct the SQL statement
sql = ("""INSERT INTO popularity (PersonNumber, Category, Value)
VALUES(%s, %s, %s)""", (number, category, data))
def open_file(filename):
txt_file = file(filename, 'r')
for line in txt_file:
# Split the line on whitespace
for value in line.split():
return value
number = value[0]
data = value[1]
# execute the query
cursor.execute(sql)
# commit the changes to the database\
connection.commit()
# close the cursor and connection
cursor.close()
connection.close()
Update:
After changing my code as per Paulo's suggestion I now get this error:
query() argument 1 must be string or read-only buffer, not tuple.
I am not sure what it is after trying to change my code:
def insert_popularity(Category, filename, cursor):
txt_file = file(filename, 'r')
for line in txt_file:
# Split the line on whitespace
number, value = line.split()
# construct the SQL statement
sql = ("""INSERT INTO popularity (PersonNumber, Category, Value)
VALUES(%s, %s, %s)""", (number, Category, value))
# execute the query
cursor.execute(sql)
connection = MySQLdb.connect(host='localhost', user='root', \
passwd='password', db='dogs')
cursor = connection.cursor()
Category = 'dogs'
insert_popularity(Category, 'dogs.txt', cursor)
connection.commit()
cursor.close()
connection.close()

Just do it simply, one thing at a time, no fancy stuff that is error prone and slows the reader down while they navigate the obfuscation:
sql = """INSERT INTO popularity (PersonNumber, Category, Value) VALUES (%s, %s, %s)"""
args = (number, Category, value)
cursor.execute(sql, args)
Your comment (execute the query) went away because (a) it was wrong (insert != query) and (b) the fixed version (execute the insertion) would be quite redundant given the clarity of the fixed code.
Update after new problem (too many values to unpack):
Instead of this code:
for line in txt_file:
# Split the line on whitespace
number, value = line.split()
do this:
for lino, line in enumerate(txt_file, 1):
pieces = line.split()
if len(pieces) != 2:
print "Bad data in line %d: %r" % (lino, pieces)
continue
number, value = pieces

You've created the query to execute as a tuple. There two possibilities to solve this:
Use the created query (sql) as a list of arguments:
sql = ("""INSERT INTO popularity (PersonNumber, Category, Value)
VALUES(%s, %s, %s)""", (number, Category, value))
# execute the query
cursor.execute(*sql)
Directly add the query to the execute method:
cursor.execute("""INSERT INTO popularity (PersonNumber, Category, Value)
VALUES(%s, %s, %s)""", (number, Category, value))
Number 2 is definitely a better option than the first one. Thanks to all comments!

What are the data types of the number, category, and data? If any of these are strings, then you should wrap them in single quotes in your query.

Do not take me wrong, but the code is very messed up...
the return inside the for loop will return the first splited string in the first line.
open_file is defined but never called
and so on...
My take would be something like:
def process_file(category, filename, cursor):
txt_file = file(filename, 'r')
for line in txt_file:
number, value = line.split()
sql = ("""INSERT INTO popularity (PersonNumber, Category, Value)
VALUES(%s, %s, %s)""", (number, category, data))
cursor.execute(sql)
connection = MySQLdb.connect(host='localhost', user='root',
passwd='password', db='inb104')
# get a cursor on the database
cursor = connection.cursor()
category = 'foo'
process_file(category, 'somefile.txt', cursor)
# commit the changes to the database\
connection.commit()
# close the cursor and connection
cursor.close()
connection.close()

Try it like this:
def insert_popularity(Category, filename, cursor):
sql = """INSERT INTO popularity (PersonNumber, Category, Value)
VALUES(%s, %s, %s)"""
txt_file = file(filename, 'r')
for line in txt_file:
# Split the line on whitespace
number, value = line.split()
# execute the query
cursor.execute(sql, (number, Category, value))
txt_file.close()
connection = MySQLdb.connect(host='localhost', user='root', \
passwd='password', db='dogs')
cursor = connection.cursor()
Category = 'dogs'
insert_popularity(Category, 'dogs.txt', cursor)
connection.commit()
cursor.close()
connection.close()
Also note: your code suggests this is a MySQL database; if it's an SQLite database, like the title of your question says, please substitute '?' for every '%s' in the sql statement.