1

我正在研究 python 并试图从 Mysql 数据库中获取一些数据,以下是查询

import MySQLdb as mdb
page  = 1
perpage = 3
offset = (int(page) - 1) * perpage
conn = mdb.connect(user='root', passwd='redhat', db='Python_Web', host='localhost')
cursor_posts = conn.cursor()
posts = "select * from projects LIMIT = %s OFFSET = %s " %(offset,perpage)
cursor_posts.execute(posts)

错误:

ERROR: Internal Python error in the inspect module.
Below is the traceback from this internal error.

Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/IPython/ultraTB.py", line 667, in text
    locals,formatvalue=var_repr))
  File "/usr/lib64/python2.7/inspect.py", line 885, in formatargvalues
    specs.append(strseq(args[i], convert, join))
  File "/usr/lib64/python2.7/inspect.py", line 840, in strseq
    return convert(object)
  File "/usr/lib64/python2.7/inspect.py", line 882, in convert
    return formatarg(name) + formatvalue(locals[name])
KeyError: 'connection'

IPython's exception reporting continues...

---------------------------------------------------------------------------
ProgrammingError                          Traceback (most recent call last)

/home/local/user/python_webcode/<ipython console> in <module>()

/usr/lib64/python2.7/site-packages/MySQLdb/cursors.pyc in execute(self, query, args)
    172             del tb
    173             self.messages.append((exc, value))
--> 174             self.errorhandler(self, exc, value)
    175         self._executed = query
    176         if not self._defer_warnings: self._warning_check()

/usr/lib64/python2.7/site-packages/MySQLdb/connections.pyc in defaulterrorhandler(***failed resolving arguments***)
     34     del cursor
     35     del connection
---> 36     raise errorclass, errorvalue
     37 
     38 re_numeric_part = re.compile(r"^(\d+)")

ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= 0 OFFSET = 3' at line 1")

谁能告诉我上面的查询有什么问题,实际上我正在尝试使用 web.py 框架在 python 中实现分页

4

2 回答 2

6

我相信这应该是公正LIMIT %s OFFSET %s的。没有等号。

于 2012-10-16T09:33:17.517 回答
3

LIMIT 和 OFFSET 都没有使用=等号,所以你的 SQL 确实不正确。

您确实应该使用 SQL 参数,其中数据库库引用您的值并防止 SQL 注入攻击:

posts = "select * from projects LIMIT %s OFFSET %s"
cursor_posts.execute(posts, (perpage, offset))

还要注意参数的顺序;LIMIT先来,所以先传入你的perpage参数。

您可以使用:

LIMIT %s, %s
posts = "select * from projects LIMIT %s, %s"
cursor_posts.execute(posts, (offset, perpage))

同样,用OFFSET逗号替换,并交换参数

于 2012-10-16T09:35:54.400 回答