Τη Πέμπτη, 28 Μαρτίου 2013 6:26:48 π.μ. UTC+2, ο χρήστης Chris Angelico έγραψε: > On Thu, Mar 28, 2013 at 3:18 PM, Νίκος Γκρ33κ <nikos.gr...@gmail.com> wrote: > > > Τη Πέμπτη, 28 Μαρτίου 2013 6:08:28 π.μ. UTC+2, ο χρήστης Chris Angelico > > έγραψε: > > > > > >> As it says in that document, paramstyle is a top-level module > > >> attribute. Try printing it out. See what it says. Then match your code > > > > > > sql = '''SELECT hits FROM counters WHERE url = %s''' % page > > > print( sql ) > > > cur.execute( sql ) > > > > > > Now the error says: > > > > > > _mysql_exceptions.OperationalError: (1054, "Unknown column 'index.html' in > > 'where clause'") as you cna see at my webpage > > > > http://www.facepalm.de/ > > > > Do you understand SQL injection attacks and the concept of > > parameterized queries? > > > > ChrisA
Yes i know i'am not supposed to use "%s" and i dotn want to but you asked me to print the sql statemnt before executing it. please its 6:30am here in greece and didnt had any sleep yet. please tell me whats wrong.... -- http://mail.python.org/mailman/listinfo/python-list
