寫入 1 后顯示沒有記錄。我的資料庫中有 1 的資料。有人可以幫我知道我在哪里錯了嗎?
def searchDB():
try:
sqlCon = mysql.connect(host="localhost",user="root",password="*********",database="mydatabase")
cur =sqlCon.cursor ()
cur.execute ("select categoryname from category where " str(searchby.get()) "Like '%" str(search.get()) "Like '%'")
result = cur.fetchall ()
if len(result) !=0:
self.category_records.delete(*self.category_records.get_children())
for row in result:
self.category_records.insert('',END,values =row)
sqlCon.commit()
sqlCon.close()
except:
tkinter.messagebox.showinfo("Data Search Form", "No such record Found")
Reset()
sqlCon.close()
uj5u.com熱心網友回復:
在查詢中有一個額外的Likeafter str(search.get())。因此,如果用戶鍵入foo,它將搜索fooLike不存在的 。
您還缺少第一個之前的空格LIKE。
您不應該將搜索字串直接連接到查詢中,這對于 SQL 注入是開放的。您應該在查詢中使用引數。
cur.execute ("select categoryname from category where " searchby.get() " Like %s", ('%' search.get() '%',)
無需str()圍繞這些.get()呼叫進行呼叫,因為您是從文本變數中獲取的。
else:您應該顯示關于在if測驗長度的中找不到匹配結果的訊息。except:僅在出現錯誤時運行。
def searchDB():
try:
sqlCon = mysql.connect(host="localhost",user="root",password="*********",database="mydatabase")
cur =sqlCon.cursor ()
cur.execute ("select categoryname from category where " searchby.get() " Like %s", ('%' search.get() '%',)
result = cur.fetchall ()
if len(result) !=0:
self.category_records.delete(*self.category_records.get_children())
for row in result:
self.category_records.insert('',END,values =row)
else:
tkinter.messagebox.showinfo("Data Search Form", "No such record Found")
Reset()
sqlCon.commit()
except Exception as e:
tkinter.messagebox.showinfo("Data Search Form", "Error during search " str(e))
Reset()
sqlCon.close()
轉載請註明出處,本文鏈接:https://www.uj5u.com/gongcheng/428055.html
標籤:Python mysql python-3.x python-2.7 mysql 连接器