Please open a ticket about this. I can fix it later tonight or tomorrow.
On Tuesday, 9 October 2012 19:38:02 UTC-5, chris_g wrote:
>
> Here's an example of a problem that I have with a MySQL database and
> escaping of executesql placeholders.
> I am using web2py 1.99.7 on Ubuntu with Python2.5
>
> testDAL works, but testDB throws this error:
>
> <class 'gluon.contrib.pymysql.err.ProgrammingError'> (1064, u"You have an
> error in your SQL syntax; check the manual that corresponds to your MySQL
> server version for the right syntax to use near '1\\'')' at line 1")
>
> Is there some additional escaping that I need to do for testDB ?
>
> Thanks,
> Chris Guest
>
>
> SQL:
> CREATE TABLE `test1` ( `ID` int(11) NOT NULL auto_increment, `Text`
> varchar(5000) default NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB;
>
> model:
>
> db.define_table(
> 'test1',
> Field('Text', 'string'),
> )
>
>
> controller:
>
> textStr = '1'
>
> def testDB():
> reprTextStr = repr(textStr)
> test1 = db.executesql("insert into test1 (t1) VALUES (%s)",
> placeholders =(reprTextStr,))
> return dict(success=1)
>
> def testDAL():
> reprTextStr = repr(textStr)
> test1 = db.test1.insert(Text=reprTextStr)
> test1_id = db._adapter.lastrowid('test1')
> return dict(test1_id=test1_id)
>
>
> SELECT * FROM test1
> -> ;
> +----+----------+
> | ID | Text |
> +----+----------+
> | 2 | '1' |
> | 3 | '1' |
> | 4 | '1' |
> +----+----------+
>
>
>
--
