Home/ Questions/Q 8295347
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T14:33:19+00:00

I have a url which I want to save into the MySQL database using

  • 0

I have a url which I want to save into the MySQL database using the "cursor" tool offered by django, but I keep getting the "not enough arguments for format string" error because this url contains some escaped characters (non-ascii characters). The testing code is fairly short:

test.py

import os 
import runconfig #configuration file 
os.environ['DJANGO_SETTINGS_MODULE'] = runconfig.django_settings_module 
from django.db import connection,transaction 
c = connection.cursor() 
url = "http://www.academicjournals.org/ijps/PDF/pdf2011/18mar/G%C3%B3mez-Berb%C3%ADs et al.pdf"

dbquery = "INSERT INTO main_crawl_document SET url="+url 
c.execute(dbquery) 
transaction.commit_unless_managed()

The full error message is

Traceback (most recent call last):
  File "./test.py", line 14, in <module>
    c.execute(dbquery)
  File "/usr/local/lib/python2.6/site-packages/django/db/backends/util.py", line 38, in execute
    sql = self.db.ops.last_executed_query(self.cursor, sql, params)
  File "/usr/local/lib/python2.6/site-packages/django/db/backends/__init__.py", line 505, in last_executed_query
    return smart_unicode(sql) % u_params
TypeError: not enough arguments for format string

Can anybody help me?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You’re opening yourself up for a possible SQL injection. Instead, use c.execute() properly:

    url = "http://www.academicjournals.org/ijps/PDF/pdf2011/18mar/G%C3%B3mez-Berb%C3%ADs et al.pdf"
dbquery = "INSERT INTO main_crawl_document SET url=?" 
c.execute(dbquery, (url,)) 
transaction.commit_unless_managed()

    The .execute method should accept an iterable of parameters to use for escaping, assuming it’s the normal dbapi method (which it should be with Django).

    • 0