1

I've been trying to make the following code work but have not found a way. Im new to Python and know a little of MySQL. Connecting Python with MySQL is something I recently learned for my college project. 

import mysql.connector

password = input("Enter Password Here")
print(password)

conn2 = mysql.connector.connect(host="localhost", user="root", password="root", database="trial")
c2 = conn2.cursor()
c2.execute("select lastname from table1 where lastname= '?' ", (password))
row1 = c2.fetchone()

print(row1)

if(c2==password):
   print("Welcome User")
else:
   print("Invalid")

My connection with the database is working just fine and the SQL statements are also executing as expected. The only problem is that when inserting the password variable. The print(row1) code outputs None in the Console. Please Help

0Dz
  • 15
  • 6

1 Answers1

0

Try this:

c2.execute("""select lastname from table1 where lastname= %s""", (password,))
Nurjan
  • 5,889
  • 5
  • 34
  • 54
  • I got these errors Traceback (most recent call last): File "C:/Users/GammeCore/PycharmProjects/untitled/SQL Debug.py", line 8, in c2.execute("select lastname from table1 where lastname= ?", (password)) File "C:\Python34\lib\site-packages\mysql\connector\cursor.py", line 551, in execute self._handle_result(self._connection.cmd_query(stmt)) mysql.connector.errors.ProgrammingError: 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1 – 0Dz Nov 03 '16 at 10:24
  • I'm sorry but i still got the same errors. I don't know what's wrong – 0Dz Nov 03 '16 at 10:32
  • @0Dz What if you try `q = ("select lastname from table1 where lastname= %s")` and then run `c2.execute(q, (password))`? – Nurjan Nov 03 '16 at 10:36
  • I still got the same errors. The SQL statement is working perfectly in MySQL – 0Dz Nov 03 '16 at 10:43
  • @0Dz : FOLLOW the instruction. For MySQL or PostgreSQL, use`%s` . Only SQLite use `?` – mootmoot Nov 03 '16 at 10:43
  • @mootmoot I have tried the code with both %s and ? . I still keep getting errors with both of them. – 0Dz Nov 03 '16 at 10:45
  • @0Dz Try `c2.execute("""select lastname from table1 where lastname= %s""", (password,))` – Nurjan Nov 03 '16 at 10:46
  • @Nurzhan It Worked!! But, could you please explain what went wrong and how you fixed it?? Why did you place the comma after password and what is the need of 3 pairs of inverted commas? – 0Dz Nov 03 '16 at 10:56
  • 1
    @0Dz : http://stackoverflow.com/questions/19479853/why-do-we-need-to-use-3-quotes-while-executing-sql-query-from-python-cursor – mootmoot Nov 03 '16 at 10:59
  • @0Dz Well, this is how queried are made in python to mysql db. The important thing is the parameters - it accepts tuple, this is why you need to write `(password,)` to make it a tuple, otherwise it is considered as a string. – Nurjan Nov 03 '16 at 10:59
  • @mootmoot Thank You – 0Dz Nov 03 '16 at 11:02
  • @Nurzhan Ok got it. If I want to place multiple variables for input and/ or output, do i have to place the commas after the variable all the time? – 0Dz Nov 03 '16 at 11:03
  • @0Dz No, if there is more than 1 parameter than you don't need to put comma in the end. For instance `(password, login)` will work. – Nurjan Nov 03 '16 at 11:05
  • @Nurzhan Thank You for your time!! – 0Dz Nov 03 '16 at 11:06