From: John Nagle on
On 6/6/2010 8:29 AM, James Mills wrote:
> On Mon, Jun 7, 2010 at 1:07 AM, Victor Subervi<victorsubervi(a)> wrote:
>> Hi;
>> I tried this:
>> cursor.execute('drop table tmp%s', tmpTable)
>> and got this error:

You can only use MySQLdb's parameter substitution for
parameters that are in quotes.


namewanted = "Smith"
cursor.execute("SELECT name, id FROM tab WHERE name = %s",

generates the SQL:

SELECT name, id FROM tab WHERE name = "Smith";

which is valid SQL.


tmpTable = "01"
cursor.execute('drop table tmp%s', tmpTable)

generates the SQL:

drop table tmp"01"

which is not valid SQL.

MySQLdb has no idea what the statement says; it just quotes and escapes
anything it replaces into a "%s" placeholder.

John Nagle

First  |  Prev  | 
Pages: 1 2
Prev: map is useless!
Next: Importing modules