并非所有参数都在SQL语句中用于Python和MySQL。
并非所有参数都在SQL语句中用于Python和MySQL。
提问于 2022-03-21 20:50:52
我正在尝试修改个人计算机上数据库中的表中的数据,以供实践,但我一直在运行控制台(使用PyCharm)中接收此错误:
Not all parameters were used in the SQL statement这是我的密码:
import mysql.connector
from employee import Employee
def add_employee(employee):
mydb = mysql.connector.connect(
host="localhost",
user="root",
password="taker0923",
database="employee"
)
cursor = mydb.cursor(buffered=True)
try:
query = "INSERT INTO employee(id, name, email, phoneNumber, salary) " \
"VALUES(%s, %s, %s, %s, %s)"
values = (employee.employee_ID, employee.full_name, employee.email, employee.phone_number, employee.salary)
cursor.execute(query, values)
mydb.commit()
except Exception as exception:
print(exception)
finally:
cursor.close()
mydb.close()
def delete(employee_id):
mydb = mysql.connector.connect(
host="localhost",
user="root",
password="taker0923",
database="employee"
)
cursor = mydb.cursor(buffered=True)
try:
query = "DELETE FROM employee " \
"WHERE id = %s"
empid = tuple(employee_id)
cursor.execute(query, empid)
mydb.commit()
except Exception as exception:
print(exception)
finally:
cursor.close()
mydb.close()
def update(empid, column, new_value):
mydb = mysql.connector.connect(
host="localhost",
user="root",
password="taker0923",
database="employee"
)
cursor = mydb.cursor(buffered=True)
try:
query = "UPDATE employee " \
"SET %s = %s " \
"WHERE id = %s"
if column == 'name':
values = (column, new_value, empid)
cursor.execute(query, values)
elif column == 'email':
values = (column, new_value, empid)
cursor.execute(query, values)
elif column == 'phoneNumber':
values = (column, new_value, empid)
cursor.execute(query, values)
elif column == 'salary':
values = (column, new_value, empid)
cursor.execute(query, values)
elif column == 'id':
raise ValueError("Cannot update this column")
else:
raise ValueError("ERROR: Could not find matching column")
mydb.commit()
except Exception as exception:
print(exception)
finally:
cursor.close()
mydb.close()
def find(employee_id):
mydb = mysql.connector.connect(
host="localhost",
user="root",
password="taker0923",
database="employee"
)
cursor = mydb.cursor(buffered=True)
try:
query = "SELECT %s FROM employee " \
"WHERE id = %s"
cursor.execute(query, tuple(employee_id))
record = cursor.fetchone()
print(record)
mydb.commit()
except Exception as exception:
print(exception)
finally:
cursor.close()
mydb.close()
def display_all():
mydb = mysql.connector.connect(
host="localhost",
user="root",
password="taker0923",
database="employee"
)
cursor = mydb.cursor(buffered=True)
try:
query = 'SELECT * FROM employee'
cursor.execute(query)
records = cursor.fetchall()
print(f'Total number of rows: {cursor.rowcount}')
for row in records:
print(f'ID = {row[0]}')
print(f'Name = {row[1]}')
print(f'Email: = {row[2]}')
print(f'Phone Number: = {row[3]}')
print(f'Salary: = {row[4]}')
except Exception as exception:
print(exception)
finally:
cursor.close()
mydb.close()
def main():
print("1- Add new employee")
print("2- Delete student by employee ID")
print("3- Edit employee information")
print("4- Search employee by ID")
print("5- Display all employees")
option = int(input("Enter option: "))
if option == 1:
emp_id = input("Enter employee ID: ")
name = input("Enter employee's name: ")
email = input("Enter employee's email: ")
phone_number = input("Enter employee's phone number: ")
salary = int(input("Enter employee's salary (rounded to nearest whole number): "))
obj = Employee(emp_id, name, email, phone_number, salary)
add_employee(obj)
print(f'You have successfully added {emp_id} - {name} into the system!')
elif option == 2:
emp_id = input("Enter employee ID: ")
delete(emp_id)
print(f'You have successfully deleted ID #{emp_id} from the system!')
elif option == 3:
print("\n1- Name")
print("2- Email")
print("3- Phone Number")
print("4- Salary")
choice = int(input("Which column do you want to edit? "))
empid = input("Enter the employee's ID number: ")
new_value = input("Enter new value: ")
if choice == 1:
update(empid, 'name', new_value)
print("Successfully updated record")
elif choice == 2:
update(empid, 'email', new_value)
print("Successfully updated record")
elif choice == 3:
update(empid, 'phoneNumber', new_value)
print("Successfully updated record")
elif choice == 4:
new_value = int(new_value)
update(empid, 'salary', new_value)
print("Successfully updated record")
else:
raise ValueError("Invalid selection")
elif option == 4:
empid = input("Enter the employee's ID number: ")
find(empid)
elif option == 5:
display_all()
else:
raise ValueError("ERROR: Invalid selection")
main()每当我试图删除、更新或搜索表中的特定行时,都会收到该错误。我表中的列是: id、name、email、phoneNumber、工资,输入方式完全相同。但是,我能够成功地插入新数据并查询表中的所有数据。我做错什么了吗,如果是的话怎么办?如何解决此错误?
回答 1
Stack Overflow用户
发布于 2022-03-21 22:33:32
删除
在这里,您的错误似乎是对tuple(employee_id)所做的事情的误解。tuple(1)引发异常TypeError: 'int' object is not iterable,但您似乎没有收到该错误,因此我只能得出结论,您的ID是字符串。
那么,如果对字符串值调用tuple会发生什么呢?这是:
>>> tuple("123")
('1', '2', '3')您将得到一个元组,每个元素都包含字符串中的单个字符。
如果您的字符串中碰巧有一个字符,那么您的语句可能会按预期执行。但是,如果超过这一点,您将尝试运行一个参数和两个或多个值的DELETE语句。这就是你的错误。
这里的修正是将tuple(employee_id)替换为(employee_id,) (请注意这里的逗号是有意的),这就是如何用Python中的一个元素编写一个元组。或者您可以使用list,[employee_id],因为这样可以避免后面的逗号。
更新
要更新员工的查询如下:
query = "UPDATE employee " \
"SET %s = %s " \
"WHERE id = %s"问题是不能将绑定参数用于列名。绑定参数只能用于将值放入SQL中,列名不是值。
相反,您必须将列值直接连接到SQL中:
query = "UPDATE employee " \
f"SET {column} = %s " \
"WHERE id = %s"当前只在列名为UPDATE、email、phoneNumber或salary的情况下执行SQL语句,因此这里不存在注入SQL的风险。但是,作为if . elif . elif .的第一个代码。分支是相同的,您可以简化代码如下:
if column in ('name', 'email', 'phoneNumber', 'salary'):
values = (new_value, empid)
cursor.execute(query, values)请注意,我已经从column中取出了values,当我们到达这里时,它已经在string中了。
发现
在这里,我们看到了与前两种情况相同的问题:
query = "SELECT %s FROM employee " \
"WHERE id = %s"
cursor.execute(query, tuple(employee_id))在这里,您使用的是%s,在这里我们可能需要一个列名,还可以再次使用tuple(employee_id)。
后一个问题我们可以使用(employee_id,)或[employee_id]来修复,就像我们以前做的那样。然而,目前还不清楚如何解决前一个问题。代码中没有指示要选择哪一列。也许您想选择所有的列,就像使用query_all一样?在这种情况下,您将需要SELECT *而不是SELECT %s。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/71563940
复制相关文章
相似问题
腾讯云开发者
