在 mysql 数据库表中存储 salt 和 key 会导致错误
输出如下: 欢迎来到图书馆系统 1.登录 2.新用户 3.退出 输入您的选择:2 欢迎,新用户,请输入有效的用户名和密码 输入用户名:ASHES 输入密码:MASON
然后,有错误的回溯:
回溯(最近一次调用最后一次):文件 “C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py”, 第 523 行,在 cmd_query 中 self._cmysql.query(查询, _mysql_connector.MySQLInterfaceError:您的 SQL 语法有错误;检查与您的 MySQL 服务器版本对应的手册 为了使用近的正确语法 '\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe' 在第 1 行
在处理上述异常的过程中,又发生了一个异常:
回溯(最近一次调用最后一次):文件 “C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py”,行 139、在 adduser(用户名,密码)文件“C:\ Users \ Rotten \ Downloads \ import mysql.connector as sqltor.py”,行 71、在adduser中 cursor.execute("插入用户值('{}','{}','{}'".format(用户名,key,salt)) 文件 “C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\cursor_cext.py”, 第269行,执行中 结果 = self._cnx.cmd_query(stmt, raw=self._raw, 文件“C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py”, 第 528 行,在 cmd_query 中 引发errors.get_mysql_exception(exc.errno, msg=exc.msg, mysql.connector.errors.ProgrammingError: 1064 (42000): 你有一个 SQL 语法错误;检查与您对应的手册 MySQL 服务器版本,以便在附近使用正确的语法 '\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe' 在第 1 行
mysql> use library;
Database changed
mysql> desc users;
+----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+--------------+------+-----+---------+-------+
| username | varchar(20) | YES | | NULL | |
| key | varchar(100) | YES | | NULL | |
| salt | varchar(100) | YES | | NULL | |
+----------+--------------+------+-----+---------+-------+
3 rows in set (0.15 sec)
最少代码:
import mysql.connector
import hashlib
import os
mycon=mysql.connector.connect(host="localhost",user="root",passwd="123456",database="library")
cursor=mycon.cursor()
stmt = "SHOW TABLES LIKE 'users'"
cursor.execute(stmt)
result = cursor.fetchone()
if result:
pass
else:
cursor.execute("create table users(username varchar(20),key varchar(100),salt varchar(100));")
cursor.execute("create table userlist(username varchar(20),book varchar(200));")
def checkkey(usertest):
cursor.execute("select count(username) from users where username='{}';".format(usertest))
count = cursor.fetchone()[0]
if count==1:
return False
elif count==0:
return True
else:
print("error no valid value returned")
return False
def adduser(username,password):
salt = os.urandom(32)
key = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000)
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))
mycon.commit()
while True:
print("WELCOME, NEW USER, PLEASE ENTER A VALID USERNAME AND PASSWORD")
usertest=input("Enter username: ")
usertest2=usertest
x=checkkey(usertest)
if x==True:
password=input("Enter Password: ")
username=usertest2
adduser(username,password)
print("USER CREATED")
break
elif x==False:
print("Username already exists, try again")
continue
else:
print("Error, unknown exception in boolean")
break
为什么会发生这种情况?
Output is as follows:
WELCOME TO THE LIBRARY SYSTEM
1.LOGIN
2.NEW USER
3.EXIT
Enter your choice : 2
WELCOME, NEW USER, PLEASE ENTER A VALID USERNAME AND PASSWORD
Enter username: ASHES
Enter Password: MASON
And then, there is a traceback of the error:
Traceback (most recent call last): File
"C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py",
line 523, in cmd_query
self._cmysql.query(query,
_mysql_connector.MySQLInterfaceError: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version
for the right syntax to use near
'\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe'
at line 1During handling of the above exception, another exception occurred:
Traceback (most recent call last): File
"C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py", line
139, in
adduser(username,password) File "C:\Users\Rotten\Downloads\import mysql.connector as sqltor.py", line
71, in adduser
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt)) File
"C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\cursor_cext.py",
line 269, in execute
result = self._cnx.cmd_query(stmt, raw=self._raw, File "C:\Users\Rotten\AppData\Local\Programs\Python\Python310\lib\site-packages\mysql\connector\connection_cext.py",
line 528, in cmd_query
raise errors.get_mysql_exception(exc.errno, msg=exc.msg, mysql.connector.errors.ProgrammingError: 1064 (42000): You have an
error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near
'\xe9\xfbo\xcdrSy\xe9\x9f\xc2\xb7\xebs\x10\x01\xfc\xb6\xa4\xeb\xe6\xe1\xca\xfc\xe'
at line 1
mysql> use library;
Database changed
mysql> desc users;
+----------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+--------------+------+-----+---------+-------+
| username | varchar(20) | YES | | NULL | |
| key | varchar(100) | YES | | NULL | |
| salt | varchar(100) | YES | | NULL | |
+----------+--------------+------+-----+---------+-------+
3 rows in set (0.15 sec)
Minimal code:
import mysql.connector
import hashlib
import os
mycon=mysql.connector.connect(host="localhost",user="root",passwd="123456",database="library")
cursor=mycon.cursor()
stmt = "SHOW TABLES LIKE 'users'"
cursor.execute(stmt)
result = cursor.fetchone()
if result:
pass
else:
cursor.execute("create table users(username varchar(20),key varchar(100),salt varchar(100));")
cursor.execute("create table userlist(username varchar(20),book varchar(200));")
def checkkey(usertest):
cursor.execute("select count(username) from users where username='{}';".format(usertest))
count = cursor.fetchone()[0]
if count==1:
return False
elif count==0:
return True
else:
print("error no valid value returned")
return False
def adduser(username,password):
salt = os.urandom(32)
key = hashlib.pbkdf2_hmac('sha256', password.encode('utf-8'), salt, 100000)
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))
mycon.commit()
while True:
print("WELCOME, NEW USER, PLEASE ENTER A VALID USERNAME AND PASSWORD")
usertest=input("Enter username: ")
usertest2=usertest
x=checkkey(usertest)
if x==True:
password=input("Enter Password: ")
username=usertest2
adduser(username,password)
print("USER CREATED")
break
elif x==False:
print("Username already exists, try again")
continue
else:
print("Error, unknown exception in boolean")
break
Why is this happening?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为了完整起见,这里是完整的答案:
有几个问题:
cursor.execute("insert into users values('{}','{}','{}'".format( username,key,salt))varchar- 这可能有效,它实际上取决于您的 sql 引擎1. 和 3 的解决方案。 是使用准备好的语句:
如果问题仍然存在,请将表中的相应数据类型从
varchar更改为binary或varbinaryFor completeness sake here is the full answer:
there are several issues:
cursor.execute("insert into users values('{}','{}','{}'".format(username,key,salt))varchar- this MAY work, it really depends on your sql enginethe solution to 1. and 3. is to use prepared statements:
If the issue persists then change the appropriate data types in your table from
varcharto something likebinaryorvarbinary