Code

Opened 16 months ago

Closed 16 months ago

Last modified 16 months ago

#20115 closed Bug (duplicate)

Error with MySQL database using % in direct SQL

Reported by: EvgeniyMakhmudov Owned by: nobody
Component: Database layer (models, ORM) Version: 1.5
Severity: Normal Keywords: db, error
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

Hello everybody! Привет всем русскоговорящим в отдельности!

I found problem in Django 1.4.2 and current version in main branch of git repo.

I try to do something like this: (found names that starts with string "Jo", like Joe,John etc)

from django.db import connection
...
cursor=connection.cursor()
cursor.execute('SELECT * from `test`.`test_table` WHERE name LIKE "Jo%";')

and take exception:
Exception raised: <type 'exceptions.TypeError'> not enough arguments for format string

looks very strange... after time, i found the root of problem.

when execute() method start he invoke this:

django/db/backends/util.py:36

def execute(self, sql, params=()):

and some levels bottom it invoke this:

MySQLdb/cursors.py:139

def execute(self, query, args=None):
...
        if args is not None:
            query = query % db.literal(args)

Look with attention on default values of argument of functions. When i do in my code execute() additional args set by default to turple (), BUT MySQLdb in his execute method waiting None value as default. Next, if my SQL code contain a % symbol (not in placeholder meaning), that MySQLdb execute() method think that i send additional arguments to paste in SQL and do formatting. At this moment raise error because this is wrong Python code:

'SELECT * from `test`.`test_table` WHERE name LIKE "Jo%";'%()
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/IPython/core/interactiveshell.py", line 2538, in run_code
    exec code_obj in self.user_global_ns, self.user_ns
  File "<ipython-input-1-4ae0cf876369>", line 1, in <module>
    'SELECT * from `test`.`test_table` WHERE name LIKE "Jo%";'%()
TypeError: not enough arguments for format string

In confirmation of the foregoing, if change my code to

from django.db import connection
...
cursor=connection.cursor()
cursor.execute('SELECT * from `test`.`test_table` WHERE name LIKE "Jo%";', None)

that it will be work properly.


So, as a result, I propose to think about correction file django/db/backends/util.py:36 to

def execute(self, sql, params=None):

But i don't know about how it will be worked with another DB such Oracle, PostgreSQL. In some reason on SQLite original code don't raise exception.

Attachments (0)

Change History (2)

comment:1 Changed 16 months ago by claudep

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #9055

comment:2 Changed 16 months ago by EvgeniyMakhmudov

a problem has 5 years old??? oh, sh... Guys, seriously, somebody must solve this not big problem.

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.