Unsupported operand types in if/else list comprehension

Mike H cmh.python at gmail.com
Sat Apr 11 17:53:58 CEST 2009

Well, I'm an idiot. Obviously, the line "VALUES (%s, %s, %s);" needs
to be modified to adapt for the number of arguments in the list. But

On Sat, Apr 11, 2009 at 11:28 AM, Mike H <cmh.python at gmail.com> wrote:
> Ok, thanks again to everyone for their suggestions, even if it appears
> I was going down the wrong path at the start. I'm a grad student
> creating this database to hold some of my own research on an isolated
> server, so security, etc. isn't my biggest concern -- but I would like
> to do this right. Here's the code that I've come up with now. Although
> it's gotten away from the original question, those that have commented
> on this seem to have some SQL knowledge, so I'd like to run it by them
> to see if this is better in theory. (I've tried it and it works in
> practice!)
> FYI, I'm using MySQLdb to connect with the Database.
> Also, I realize I should probably add in some try/catch statements and
> other error handling... but this is what I have at the moment.
> def insert_cmd(myTable, myFields, myValues, myReturnKey):
>    """Imports given fields and values into a given table, returns an
> SQL variable holding the Autoincrement key"""
>    #tests to see if myParentKey is valid in mySQL.
>    if not myReturnKey.startswith("@"): print "Error, myReturnKey must
> start with '@'"; sys.exit()
>    SQLcmd="INSERT INTO " + myTable + " (%s) " % ", ".join(myFields)
>    SQLcmd=SQLcmd + "VALUES (%s,%s,%s);"
>    cursor.execute(SQLcmd, (myValues))
>    #sets and returns SQL variable.
>    SQLcmd="select " + myReturnKey + ":=last_insert_id();"
>    cursor.execute(SQLcmd)
>    return myReturnKey
> On Sat, Apr 11, 2009 at 7:38 AM, Diez B. Roggisch <deets at nospam.web.de> wrote:
>> Mike H schrieb:
>>> Thanks to all of you.
>>> FYI, I'm doing this because I'm working on creating some insert
>>> statements in SQL, where string values need to be quoted, and integer
>>> values need to be unquoted.
>>> I wanted to be sure that I could pass these values to the list in a
>>> normal way e.g. ['test', 1, 'two'] and have a function correct the
>>> list for me, rather than calling the function with a strangely quoted
>>> list e.g. ['"'test'"', 1, '"'two'"'].>
>> Don't do that yourself. This is error-prone. Instead, use the parametrized
>> verison of the cursor.execute-method. It will perform the necessary
>> escaping, and depending on the database and database adapter you use better
>> performance.
>> Diez
>> --
>> http://mail.python.org/mailman/listinfo/python-list

More information about the Python-list mailing list