On 2012-12-11 00:04, Anatoli Hristov wrote:
Hi all,

I'm facing an issue inserting HTML code into the DB: it comes out
with a syntax error, but I face it only when I have HTML code. Could
you help me escape the error somehow?

Here is my code

def InsertSpecsDB(product_id, spec, lang, name):
    db = MySQLdb.connect("localhost","getit","opencart")
    cursor = db.cursor()
    sql = ("INSERT INTO product_description (product_id, language_id, name, description) VALUES ('%s','%s','%s','%s')")
    params = (product_id, lang, name, spec)
    cursor.execute(sql, params)
    id = cursor.lastrowid
    print "Updated ID %s description %s" % (int(id), lang)
    return id

You're using a parametrised query (which is good :-)), but you've included
quotes around the placeholders. There's no need to do that. They'll be
quoted automatically when necessary:

sql = "INSERT INTO product_description (product_id, language_id, name, description) VALUES (%s,%s,%s,%s)"
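
The effect of the extra quotes, shown with a simplified model of the automatic quoting described in the reply above. This is an added example, not code from the thread or from MySQLdb: `literal()`, `render()`, `outside_literals()` and `check()` are hypothetical helpers, the backslash escaping is an assumption of the model, and the sample row is constructed.

```python
# Added illustration: a simplified model of client-side parameter quoting.
# literal(), render(), outside_literals() and check() are hypothetical helpers.

def literal(value):
    """Numbers pass through; strings are escaped and wrapped in single quotes."""
    if value is None:
        return "NULL"
    if isinstance(value, (int, float)):
        return str(value)
    escaped = str(value).replace("\\", "\\\\").replace("'", "\\'")
    return "'" + escaped + "'"

def render(sql, params):
    """Substitute every %s placeholder with the quoted form of its parameter."""
    return sql % tuple(literal(p) for p in params)

def outside_literals(sql):
    """Return (text outside string literals, True if every literal is closed)."""
    outside, in_string, i = [], False, 0
    while i < len(sql):
        ch = sql[i]
        if in_string and ch == "\\":
            i += 2                      # backslash escape: skip the escaped char
            continue
        if ch == "'":
            if in_string and sql[i + 1:i + 2] == "'":
                i += 2                  # doubled quote inside a literal
                continue
            in_string = not in_string
        elif not in_string:
            outside.append(ch)
        i += 1
    return "".join(outside), not in_string

# Constructed sample row; the HTML value contains single quotes.
PARAMS = (5, 1, "Lamp", "<p class='x'>It's new</p>")
QUOTED = "INSERT INTO product_description (product_id, language_id, name, description) VALUES ('%s','%s','%s','%s')"
PLAIN = "INSERT INTO product_description (product_id, language_id, name, description) VALUES (%s,%s,%s,%s)"

def check(template):
    """Render the template with PARAMS and report what escaped the literals."""
    return outside_literals(render(template, PARAMS))

if __name__ == "__main__":
    for label, template in (("quoted", QUOTED), ("plain", PLAIN)):
        print(label, render(template, PARAMS))
        print("  outside literals:", check(template))
```

With the quoted template the name and the HTML end up outside any string literal and the last literal is never closed; with the plain template every value stays inside exactly one literal.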

