Escaping confusion with Python 3 + MySQL

[alister]

On Sun, 26 Mar 2017 07:24:49 -0700, Νίκος Βέργος wrote:

> Τη Κυριακή, 26 Μαρτίου 2017 - 5:19:27 μ.μ. UTC+3, ο χρήστης Ian έγραψε:
> 
>> You need to change the placeholders back. The poster who told you to
>> replace them was misinformed.
> 
> okey altered them back to
> 
> cur.execute('''UPDATE visitors SET (pagesID, host, ref, location,
> useros, browser, visits) VALUES (%s, %s, %s, %s, %s, %s, %s) WHERE host
> LIKE "%%s%" ''',
> 
																																			
(pID, domain, ref, location, useros,
> 
																																			
browser, lastvisit, domain) )
> 
> but now the problem is how to exact;y type the Where HOST like "%%%"
> 
> I MEAN HOW TO DIFFERENTIATE '%S' FROM LITERAL '%' character.


as a quick thought (untested) it is probably best to have %s as your 
parameter for the Like clause & ad the sql wild-cards (% symbols) to the 
data you pass in as I think the expansion of %s adds quote marks which 
will certainly cause the sql parser issues.
  


-- 
'Charity ain't giving people what you wants to give, it's giving people 
what they need to get.'
(Hogfather)