Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
W
W
Wearant2021-12-01 02:30:13
Python
Wearant, 2021-12-01 02:30:13

How to update psycorp2 data?

Please tell me what is the reason for the error?

db_connection = psycopg2.connect(DB_URI, sslmode="require")
db_object = db_connection.cursor()
db_object.execute(f"UPDATE users SET first_name = {first_name} WHERE id = {user_id}")


syntax error at or near "Paul"
LINE 1: UPDATE users SET first_name = Paul WHERE id =*****
^

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
antares4045, 2021-12-01
@Wearant

db_object.execute(f"UPDATE users SET first_name =? WHERE id =? ", [first_name, user_id] )
Or at least
db_object.execute(f"UPDATE users SET first_name = '{first_name}' WHERE id = '{ user_id}' ")
Read up on sql injections at your leisure: the anecdote about a student named DROP DATABASE will become clearer.
Upd:
Toli psycopg2, roofing felts cx_Oracle three years ago required to explicitly specify the type of injected: that is, perhaps all the question marks should be put % s

Similar questions
M
Max Darkleviathan2021-03-22 13:53:32
How to edit style.css on host via git? 4Reply
E
eight_bit2019-10-21 11:41:25
Laptop freezes on reboot after installing additional SSD, how to diagnose? 1Reply
K
Karen Mnatsakanyan2017-06-10 13:10:11
Creating a form in Custom Field Suite? 3Reply
A
Artur2017-06-21 21:08:05
Why doesn't opening/hiding the JavaScript mobile menu work? 2Reply
A
Alexander Nikolaevich2017-06-25 15:01:39
Where is the navmenu-v element? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question