0

我正在尝试将我的 datettime 对象插入 MySQL

>>> t
datetime.datetime(2013, 5, 21, 19, 33, 36, tzinfo=tzutc())
>>> cursor.execute('INSERT INTO tweets(created_at) VALUES ({created_at})'.format(created_at=t))

我得到的错误:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/MySQLdb/cursors.py", line 174, in execute
    self.errorhandler(self, exc, value)
  File "/usr/lib/python2.7/dist-packages/MySQLdb/connections.py", line 36, in defaulterrorhandler
    raise errorclass, errorvalue
_mysql_exceptions.ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '19:33:36+00:00)' at line 1")
>>>

MySQL:

mysql> DESCRIBE mytable;
+-------------+---------------------+------+-----+---------+-------+
| Field       | Type                | Null | Key | Default | Extra |
+-------------+---------------------+------+-----+---------+-------+

| created_at  | datetime            | YES  |     | NULL    |       |

+-------------+---------------------+------+-----+---------+-------+
4

2 回答 2

4

使用参数化 sql 而不是字符串格式和手动引用:

cursor.execute('INSERT INTO tweets(created_at) VALUES (%s)', [t])

它更容易,并且有助于防止sql injection

于 2013-05-21T20:30:59.173 回答
-1

尝试在您的表名后插入一个空格并将您的文本放在“”中,如下所示:

cursor.execute('INSERT INTO tweets (created_at) VALUES ("{created_at}")'.format(created_at=t))
于 2013-05-21T20:30:40.087 回答