I am struggling to put together a simple SQL wildcard search for my Flask application.
I am using an HTML form field to run a simple mysql query “WHERE CustomerName LIKE ‘a%'”- https://www.w3schools.com/sql/sql_wildcards.asp – However I am unable to get the right positioning for the search place holder…
here the HTML form field (working fine)
x
form method="GET" action> <div class="form-group"> <div class="col-sm-3"> <input type="text" placeholder="Material Name" name="Material_Name" action=/search class="form-control"> </div> </div><div class="form-group"> <div class="col-sm-2"> <input type="submit" value="SEARCH" class="btn btn-primary btn-block"> </div></div>The python route
@app.route('/wegowo')def wegowo(): material_namex = request.args.get('Material_Name','') try: tabledata = DB.wego_wo(material_namex) except Exception as e: print(e) tabledata = None return render_template('wegowo.html', tabledata=tabledata)and finally the database helper function
def wego_wo(self,material_namex): connection = self.connect() MLN = "%s" % material_namex try: query = "SELECT id, material, cas, category FROM wegomats WHERE material LIKE '%s' ORDER BY cas" %(MLN); with connection.cursor(pymysql.cursors.DictCursor) as cursor: cursor.execute(query) return cursor.fetchall() finally: connection.cursorThe error seems to be around the structure of the LIKE ‘%s’, since the query works fine when using an ‘=’ statement.
Thank you in advance for any help.
Advertisement
Answer
After quite some trying I fount the solution to this problem: the ‘%’ wildcard operators need to be placed as follows:
MLN = "%s" % '%' + material_namex + '%'the rest of the code is correct