I have a problem with sql query don´t work in flask

Question

i try to run that code but i have problems with the sql query, but if run the query in mysql workbeck it works

app.config['MYSQL_HOST'] = "localhost"
app.config['MYSQL_USER'] = "root"
app.config['MYSQL_PASSWORD'] = ""
app.config['MYSQL_DB'] = "inventario_bodega"
mysql = MySQL(app)

@app.route("/login", methods=["POST"])
def login():
    try:
        data = request.json
        user = data["user"]
        password = data["password"]
        cur = mysql.connection.cursor()
        #thats part don´t work
        cur.execute("SELECT * FROM usuarios WHERE usuario = %s", (user))

        data = cur.fetchone()
        cur.close()
        if(not (data == [])):
            if(data[6] == password):
                encoded_jwt = jwt.encode(
                    {'datos': data}, app.config['SECRET_KEY'], algorithm='HS256')
                return encoded_jwt, 200
            else:
                return "Usuario y/o Contraseña incorrecta", 401
        else:
            return "Usuario y/o Contraseña incorrecta", 401
    except:
        return "Error al iniciar sesion", 500

but don´t show me a error only show me a 500 error

this is what appears to me in the terminal

Can you better define "doesn't work?" That's not a very detailed diagnostic. — tadman, Nov 12 '19 at 20:54
Where are the MySQL authentication details (user, password, database etc)? — Chris, Nov 12 '19 at 21:00
My **guess** is that it should be ``usuario = '%s'"`` note the additional single quotes. But you should really work on tracking down the original error message. you could easily wrap the code in a try...except and log/print the exception somewhere. You already have a try..except, you're just not doing anything with the original exception. — Mike Scotty, Nov 12 '19 at 21:02
Another guess is that the seconds argument to ``cur.execute`` must be an iterable, in which case ``(user)`` should be ``(user,)``, turning it into a tuple. — Mike Scotty, Nov 12 '19 at 21:08
Show us the error you get in your terminal window, not the error from your browser. — noslenkwah, Nov 12 '19 at 21:18
We can guess at what the problem is and how to fix it (I think the guess from @MikeScotty about adding a comma is the right one) but what we really need to figure out how to get errors reported so we can get help debugging. Reportng the observed behavior as "**doesn't work**" is practically useless in terms of communicating (to other professionals and enthusiasts) details about the problem. (How did you figure out that *this* is the line that "doesn't work"?) Asking StackOverflow to debug your program is *not* efficient https://ericlippert.com/2014/03/05/how-to-debug-small-programs/ — spencer7593, Nov 12 '19 at 21:19

score 0 · Accepted Answer · answered Nov 12 '19 at 21:27

cur.exectute() wants a tuple or list of arguments. It looks like you're trying for the former, which is one of those edge cases in Python where the comma distinguishes between parenthesis used to form a tuple or parenthesis used to control order of evaluation.

Change

cur.execute("SELECT * FROM usuarios WHERE usuario = %s", (user))

to

cur.execute("SELECT * FROM usuarios WHERE usuario = %s", (user,))

I have a problem with sql query don´t work in flask

1 Answers1