Re: Why Doesn't This MySQL Statement Execute?

Discussion in 'Python' started by Wayne Werner, Dec 18, 2012.

  1. Wayne Werner

    Wayne Werner Guest

    On Tue, 18 Dec 2012, Tom Borkin wrote:

    > Hi;
    > I have this test code:
    >  
    >     if i_id == "1186":
    >       sql = 'insert into interactions values(Null, %s, "Call Back", "%s")' % (i_id, date_plus_2)
    >       cursor.execute(sql)
    >       db.commit()
    >       print sql
    > It prints the sql statement, but it doesn't execute. If I copy and paste the sql into the mysql command line it does execute without warnings or errors. What gives?


    Does date_plus_2 contain

    "Robert"); DROP TABLE interactions; --

    By any chance?
    -W
     
    Wayne Werner, Dec 18, 2012
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Roedy Green
    Replies:
    1
    Views:
    811
    Aquila Deus
    Aug 22, 2005
  2. Mr. SweatyFinger
    Replies:
    2
    Views:
    2,234
    Smokey Grindel
    Dec 2, 2006
  3. Replies:
    21
    Views:
    1,087
    Giannis Papadopoulos
    Aug 2, 2005
  4. Tom Borkin
    Replies:
    5
    Views:
    200
    Dennis Lee Bieber
    Dec 19, 2012
  5. Chris Angelico
    Replies:
    0
    Views:
    164
    Chris Angelico
    Dec 18, 2012
Loading...

Share This Page