Here's an example of a problem that I have with a MySQL database and 
escaping of executesql placeholders.
I am using web2py 1.99.7 on Ubuntu with Python 2.5.

testDAL works, but testDB throws this error:

<class 'gluon.contrib.pymysql.err.ProgrammingError'> (1064, u"You have an 
error in your SQL syntax; check the manual that corresponds to your MySQL 
server version for the right syntax to use near '1\\'')' at line 1")

Is there some additional escaping that I need to do for testDB?

Thanks,
Chris Guest


SQL:
CREATE TABLE `test1` (   `ID` int(11) NOT NULL auto_increment,   `Text` 
varchar(5000) default NULL,   PRIMARY KEY  (`ID`) ) ENGINE=InnoDB;

model:

db.define_table(
    'test1',
    Field('Text', 'string'),
    )


controller:

textStr = '1' 

def testDB():
    reprTextStr = repr(textStr)
    test1 = db.executesql("insert into test1 (t1) VALUES (%s)",
                          placeholders=(reprTextStr,))
    return dict(success=1)
    
def testDAL():
    reprTextStr = repr(textStr)
    test1 = db.test1.insert(Text=reprTextStr)
    test1_id = db._adapter.lastrowid('test1')
    return dict(test1_id=test1_id)


SELECT * FROM test1
    -> ;
+----+----------+
| ID | Text     |
+----+----------+
|  2 | '1'      | 
|  3 | '1'      | 
|  4 | '1'      | 
+----+----------+
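
Added example, not part of the original post: how a DB-API driver treats a value bound through a placeholder, compared with a statement built by string formatting. It uses Python's built-in sqlite3 as a stand-in for the MySQL driver (an assumption; sqlite3 writes placeholders as `?` where MySQL drivers use `%s`) and does not reproduce the pymysql error above. The helper names are hypothetical.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the test1 table from the post (sqlite3, not MySQL)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE test1 (ID INTEGER PRIMARY KEY AUTOINCREMENT, Text VARCHAR(5000))"
    )
    return conn

def insert_bound(conn, value):
    """Bind the value through a placeholder; the driver does the quoting."""
    cur = conn.execute("INSERT INTO test1 (Text) VALUES (?)", (value,))
    return cur.lastrowid

def insert_interpolated(conn, value):
    """Anti-pattern: splice the value into the SQL text with string formatting."""
    cur = conn.execute("INSERT INTO test1 (Text) VALUES ('%s')" % value)
    return cur.lastrowid

def stored_text(conn, row_id):
    """Read back exactly what ended up in the Text column."""
    row = conn.execute("SELECT Text FROM test1 WHERE ID = ?", (row_id,)).fetchone()
    return row[0]

def demo():
    conn = make_db()
    results = {}
    # Constructed sample values: the raw string, its repr(), and one with a quote.
    results["raw"] = stored_text(conn, insert_bound(conn, "1"))
    results["repr"] = stored_text(conn, insert_bound(conn, repr("1")))
    results["quote"] = stored_text(conn, insert_bound(conn, "it's"))
    try:
        insert_interpolated(conn, "it's")
        results["interpolated"] = "ok"
    except sqlite3.OperationalError:
        # The embedded quote ends the SQL string literal early.
        results["interpolated"] = "syntax error"
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

A bound value is stored byte for byte, so the quotes that `repr()` adds become part of the data, as in the SELECT output above, and a value containing a quote needs no manual escaping.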

