Tuple to string problems
Alastair G. Hogge
agh at tpg.com.au
Sun Aug 17 23:23:59 EDT 2003
Heather Coppersmith wrote:
> On Sun, 17 Aug 2003 12:37:19 +1000,
> "Alastair G. Hogge" <agh at tpg.com.au> wrote:
>
>> Sean Ross wrote:
>>>
>>> "Alastair G. Hogge" <agh at tpg.com.au> wrote in message
>>> news:3f3b9080 at dnews.tpgi.com.au...
>>>> So basicly final_qu would be
>>>> ('1','two','hello','2003-08-14','23:32:07') However has stated above
>>>> type(final_qu) return tuple.
>>>
>>> If final_qu is already a tuple of strings, and what you need is one
>>> string with each string in the tuple concatenated, then you can do this:
>>>
>>>>>> final_qu = ('1','two','hello','2003-08-14','23:32:07')
>>>>>> final_qu_str = ' '.join(final_qu)
>>>>>> final_qu_str
>>> '1 two hello 2003-08-14 23:32:07'
>>>>>>
>>>
>>> If you can't guarantee that each tuple element is a string, try this:
>>>>>> final_qu_str = ' '.join([str(e) for e in final_qu])
>>>>>> final_qu_str
>>> '1 two hello 2003-08-14 23:32:07'
>>>>>>
>>>
>>> [str(e) for e in final_qu] creates a list of a strings from the elements
>>> [in
>>> final_qu.
>>>
>>> HTH
>>> Sean
>> OK. Sorry I didn't quite make myslef clear.
>> final_qu is a string for pydb. The string should be something link:
>> INSERT INTO foo VALUES "('1','two','hello','2003-08-14','23:32:07')"
>> I need the () and each value must be inclosed in '' for the database
>> interface.
>
> Having just been through this myself, you're playing with fire: what if
> one of those strings contains a quote character (single or double)?
>
> Let the database interface do the quoting for you. I don't know what
> your table looks like, but I see two possibilities (all code untested):
>
> If your table contains a single column in which you're trying to put
> that whole string:
>
> sql = """INSERT INTO foo VALUES (%s)"""
> params = (repr( final_qu ),) # "str" may work here, too
> pydbcursor.execute( sql, params )
>
> If your table contains five columns, one for each element of that tuple:
>
> sql = """INSERT INTO foo VALUES (""" \
> + ','.join( ['%s'] * len( final_qu ) ) \
> + """)"""
> params = final_qu
> pydbcursor.execute( sql, params )
>
> HTH,
> Heather
>
OK I removed the all the 's from the string.
But now I get this:
<error>
raise DatabaseError, "error '%s' in '%s'" % ( msg, sql ), referer:
http://nova/~agh/house.html
pgdb.DatabaseError: error 'ERROR: parser: parse error at or near ":" at
character 155, referer: http://nova/~agh/house.html
' in 'INSERT INTO house VALUES
(1,two,three,four,five,six,seven,eight,nine,ten,eleven,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,N/A,2003-08-18,13:19:06)',
referer: http://nova/~agh/house.html
</error>
As my modifed code:
<code>
#!/usr/local/bin/python
import cgi
import time
import pgdb
def Initialise():
_dbuser = "agh"
_dbsource = "127.0.0.1:foo" # dsn.
_dbname = "foo"
return (pgdb.connect(dsn=_dbsource, user=_dbuser, database=_dbname))
def AddData(query):
db = Initialise()
cur = db.cursor()
cur.execute(query)
db.commit()
cur.close()
db.close()
# Begin
form = cgi.FieldStorage() # Grab the data from web page form
qu = ""
# Now we put all the form data into one big string for the db query.
for name in form.keys():
if form[name].value == "Submit":
qu += str(time.strftime("%Y-%m-%d")) + "," +
str(time.strftime("%H:%M:%S"))
break
else:
qu += form[name].value + ","
StoreData.AddData("INSERT INTO house VALUES (%s)" % (qu))
DisplayContent.WebPage(qu)
</code>
More information about the Python-list
mailing list