
Re: Problem inserting data from form
Posted by: Andy Dustman
Date: February 28, 2007 05:19PM

First of all, you are using the string formatting operator (%) to substitute parameters. Don't do that. Do this instead:

cursor.execute("INSERT INTO entries (Joke, User) VALUES (%s,%s)", (form['joke'].value, form['user'].value))

Doing it this way causes it to quote any special characters in your input data, which prevents SQL injection attacks.

Second of all, you have to call connection.commit() to save your data.

You should read PEP-249: http://www.python.org/dev/peps/pep-0249/
And other MySQLdb documentation: http://mysql-python.sourceforge.net/

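Added example, not part of the original post: both points above (bound parameters and the explicit commit) shown end to end. It assumes the standard-library sqlite3 module as a stand-in for MySQLdb so it runs without a server; both follow PEP 249, but sqlite3 uses `?` placeholders where MySQLdb uses `%s`. The form values and helper names are constructed for illustration.

```python
import os
import sqlite3
import tempfile

# Constructed form input; apostrophes are ordinary in user-supplied text.
FORM = {"joke": "It's not a bug, it's a feature.", "user": "andy"}


def insert_formatted(conn, joke, user):
    """Pattern the post warns against: values pasted into the SQL text."""
    sql = "INSERT INTO entries (Joke, User) VALUES ('%s','%s')" % (joke, user)
    conn.execute(sql)


def insert_bound(conn, joke, user):
    """Values passed separately from the SQL; the driver handles quoting."""
    conn.execute("INSERT INTO entries (Joke, User) VALUES (?, ?)", (joke, user))


def row_count(path):
    """Count rows from a second connection, i.e. what other clients see."""
    other = sqlite3.connect(path)
    try:
        return other.execute("SELECT COUNT(*) FROM entries").fetchone()[0]
    finally:
        other.close()


def demo():
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "jokes.db")
        conn = sqlite3.connect(path)
        conn.execute("CREATE TABLE entries (Joke TEXT, User TEXT)")
        conn.commit()
        try:
            insert_formatted(conn, FORM["joke"], FORM["user"])
            results["formatted"] = "ok"
        except sqlite3.OperationalError:
            # The apostrophe ended the string literal early and broke the SQL.
            results["formatted"] = "syntax error"
        insert_bound(conn, FORM["joke"], FORM["user"])
        results["before_commit"] = row_count(path)  # not yet visible
        conn.commit()
        results["after_commit"] = row_count(path)   # saved
        results["stored"] = conn.execute("SELECT Joke FROM entries").fetchone()[0]
        conn.close()
    return results


if __name__ == "__main__":
    print(demo())
```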

