Another MySQL Problem

Stephen Hansen ixokai at ixokai.io
Wed Jun 23 13:21:21 EDT 2010 

On Jun 23, 2010, at 9:28 AM, Victor Subervi <victorsubervi at gmail.com> wrote:

Ok, let's start all over again. When I have this code:

  cursor.execute('select clientEmail from clients where client="%s"',
(client.replace('_', ' '),))
  clientEmail = cursor.fetchone()[0]


Already addressed this. Do not quote inside the SQL.


I get this error:

 /var/www/html/globalsolutionsgroup.vi/mailSpreadsheet.py
   67 </body>
   68 </html>'''
   69
   70 mailSpreadsheet()
   71
mailSpreadsheet = <function mailSpreadsheet>
 /var/www/html/globalsolutionsgroup.vi/mailSpreadsheet.py in
mailSpreadsheet()
   34   subject = 'Order From Client'
   35   cursor.execute('select clientEmail from clients where client="%s"',
(client.replace('_', ' '),))
   36   clientEmail = cursor.fetchone()[0]


First do not use [0] om fetchone-- it returns one or None. Test if none.

It is returning NOne because there is no value that matched-- or those
quotes I said to remove are messing it up.

   37   cursor.execute('select * from %s', (client,))


Even when you fix the above this wont work-- this is so bad.

You can only use parameterized queries-- the execute with the comma followed
by a tuple-- yo insert into the SQL data VALUES after the WHERE clause...
Not table names, not column names. SQL object names should be static.

You should not have a table named (client)_properties for each client. You
should have a table named properties with a field (which may be part of our
primary key) called client or some such, which contains the client name.

Its ok for a single table to have a lot of data.


When I have this code:

  print 'select clientEmail from clients where client="%s"' %
(client.replace('_', ' '),)
  cursor.execute('select clientEmail from clients where client=%s',
(client.replace('_', ' '),))
  clientEmail = cursor.fetchone()[0]


The problem is not this line but:


  File "/var/www/html/globalsolutionsgroup.vi/mailSpreadsheet.py", line 38,
in mailSpreadsheet
    cursor.execute('select * from %s', (client,))


This one. See above.

--Stephen via iPad.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20100623/0a3c1ec7/attachment-0001.html>

More information about the Python-list mailing list