当前使用sqlite 3在数据库上工作,我收到了以下错误。在添加所有resultsfromsearch
之前,我没有错误:
line 96, in addrecord
cursor.execute(query + fields)
sqlite3.OperationalError: near ",": syntax error
任何帮助将不胜感激:
from tkinter import *
import sqlite3
class databasewindow:
def __init__(self,master,resultsfromsearch):
self.resultsfromsearch = resultsfromsearch
self.master = master
master.title("Students")
self.cardnumberlbl = Label(master,text="Card Number:- ")
self.firstnamelbl = Label(master,text="firstname: - ")
self.surnamelbl = Label(master,text="Surname: - ")
self.currentgradelbl = Label(master,text="Current Grade: -")
self.targetgradelbl = Label(master,text="Target Grade: -")
self.cardnumberentry = Entry(master)
self.firstnameentry = Entry(master)
self.surnameentry = Entry(master)
self.currentgradeentry = Entry(master)
self.targetgradeentry = Entry(master)
self.cardnumberlbl.grid(row=1, column=0, sticky=W)
self.cardnumberentry.grid(row=1, column=1, sticky=W+E)
self.firstnamelbl.grid(row=2, column=0, sticky=W)
self.firstnameentry.grid(row=2, column=1, sticky=W+E)
self.surnamelbl.grid(row=3, column=0, sticky=W)
self.surnameentry.grid(row=3, column=1, sticky=W+E)
self.currentgradelbl.grid(row=4, column=0, sticky=W)
self.currentgradeentry.grid(row=4, column=1, sticky=W+E)
self.targetgradelbl.grid(row=5, column=0, sticky=W)
self.targetgradeentry.grid(row=5, column=1, sticky=W+E)
self.submit_button = Button(master, text="add record", command=self.addrecord)
self.submit_button.grid(row=9,column=0,sticky=W+E)
self.firstrecord()
def firstrecord(self):
global position
position = 0
for customer in self.resultsfromsearch:
if position >=1:
position = 0
break;
else:
self.cardnumberentry.delete(0, 'end')
self.firstnameentry.delete(0, 'end')
self.surnameentry.delete(0, 'end')
self.currentgradeentry.delete(0, 'end')
self.targetgradeentry.delete(0, 'end')
self.cardnumberentry.insert(END, student[0])
self.firstnameentry.insert(END, student[1])
self.surnameentry.insert(END, student[2])
self.currentgradeentry.insert(END, student[3])
self.targetgradeentry.insert(END, student[4])
position = position + 1
def addrecord(self):
with sqlite3.connect("student.db") as db:
cursor = db.cursor()
cardnumber = self.cardnumberentry.get()
firstname = self.firstnameentry.get()
surname = self.surnameentry.get()
currentgrade = self.currentgradeentry.get()
targetgrade = self.targetgradeentry.get()
query = ('INSERT INTO customers( cardnumber, firstname, surname,currentgrade, targetgrade) VALUES' )
fields = ("("'+ cardnumber +'","' + firstname +'","'+ surname +'","'+ currentgrade'","'+ targetgrade'");")
cursor.execute(query + fields)
db.commit()
query = (' SELECT * FROM students')
cursor.execute(query)
self.resultsfromsearch = (cursor.fetchall())
self.firstrecord()
使用cursor.execute()
的第二个参数参数化考虑参数化,并避免使用数据值的任何字符串串联或插值。
with sqlite3.connect("student.db") as db:
cursor = db.cursor()
cardnumber = self.cardnumberentry.get()
firstname = self.firstnameentry.get()
surname = self.surnameentry.get()
currentgrade = self.currentgradeentry.get()
targetgrade = self.targetgradeentry.get()
# PREPARED STATEMENT WITH ? PLACEHOLDERS
query = 'INSERT INTO customers(cardnumber, firstname, surname, currentgrade, targetgrade)' +
' VALUES(?, ?, ?, ?, ?);'
# DATA VALUES IN TUPLE
fields = (cardnumber, firstname, surname, currentgrade, targetgrade)
cursor.execute(query, fields)
db.commit()
...
似乎错误是因为查询 字段导致无效的SQL语句:
>>> query = ('INSERT INTO customers( cardnumber, firstname, surname,currentgrade, targetgrade) VALUES' )
>>> fields = ("("'+ cardnumber +'","' + firstname +'","'+ surname +'","'+ currentgrade'","'+ targetgrade'");")
>>> query+fields
'INSERT INTO customers( cardnumber, firstname, surname,currentgrade, targetgrade) VALUES(+ cardnumber +, + firstname +,+ surname +,+ currentgrade,+ targetgrade);'
>>>