在使用pymysql模块时,在使用字符串拼接的注意事项
错误用法1 sql='select * from where id="%d" and name="%s" ' %(id,name)
cursor.execute(sql)
错误用法2 sql="select * from test where id=" + str(id) + " and name='' + name
cursor.execute(sql)
正确用法 sql =' select * from test where id=%d and name=%s'
cursor.execute(sql,(id,name))