Hi all.
I have made a webpage where there is a webform where people can fill in
their personel information:
The code is below:
I want to transfer the data to a postgreSQL database ( I have allready made
the database with the neccesary tables, and I know how to connect to it )
but I really have no idea how I can transfer the data from the webform to
the database.
If any can help me I will be more than pleased... thanks for your help...
<html>
<head>
<title> Adminperson </title>
</head>
<body bgcolor="#0479ff">
<h1><p align="center">Insert Person</h1></p>
<hr>
<form action="default.asp" method="post">
<p>Name:<br><input type="text" name="name"></p>
<p>Surname:<br><input type="text" name="surnavn"></p>
<p>Username:<br><input type="text" name="usernavn"></p>
<p>Password:<br><input type="text" name="password"></p>
<p>Adresse:<br><input type="text" name="adresse"></p>
<p>Zipcode:<br><input type="text" name="zipcode"></p>
<p>City:<br><input type="text" name="city"></p>
<p>Phone:<br><input type="text" name="phone"></p
<p>Mail:<br><input type="text" name="mail"></p>
<p> What is your profession? <p>
<INPUT TYPE=CHECKBOX NAME="Profession" VALUE="Student" CHECKED> Student
<INPUT TYPE=CHECKBOX NAME="Profession" VALUE="Teacher" CHECKED> Teacher
<INPUT TYPE=CHECKBOX NAME="Profession" VALUE="Teacher Assistent" CHECKED>
Teacher Assistent
<p><input type="submit" value="Submit"></p>
</body> </html> 12 6089
"Pete....." <he********@yahoo.com> writes: Hi all. I have made a webpage where there is a webform where people can fill in their personel information:
The code is below:
I want to transfer the data to a postgreSQL database ( I have allready made the database with the neccesary tables, and I know how to connect to it ) but I really have no idea how I can transfer the data from the webform to the database.
Your sample form shows being posted to an ASP file which you are going
to change to a Python.cgi script, right?
#!/usr/local/bin/python
print 'content-type: text/plain\n'
import cgi
import someDatabaseAPI
form = cgi.FieldStorage()
someDatabaseAPI.connect()
someDatabaseAPI.query("""
insert into foo
values ('%s', '%s')
""" % (form[key1].value, form[key2].value))
# where key1, key2... are the field names in HTML form
Have a look at the cgi Python module where you will learn all about
this.
HTH
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
Hi, yeah It's try I want to change it to a python.cgi.script. And thanks for
your input.....
I use the api pgsql
So the first thing I do is to import the following and connect to the
server:
#!/pack/python-2.3.2/bin/python2.3
from pyPgSQL import PgSQL
import cgi
import cgitb
cgitb.enable()
form = cgi.FieldStorage() ( I added this )
connect = PgSQL.connect(user="vvvvv", password="zzzzz", host="xxx.xxx.xx",
database="yyyyy")
Do I then have to write:
PgSQL.query(''' INSERT into form
Select persons.idpersons, person.username,
persons.surname, phone.phone (And so on ) ( its what the specific tables
are called in my database)
From persons, phone (
And so on )
Where persons.name = 'Name'%s
AND persons.surname ='Surname'%s
AND persons.username = 'Username'%s '''
(And so on with the rest)
% (form['name'].value, form['surname'].value,
form['username'].value))
I dont think I get it quite right, any help would be highly appreciated.
Thanks for all help...
Below is the code from my webpage form:
<form action="default.asp" method="post">
<p>Name:<br><input type="text" name="name"></p>
<p>Surname:<br><input type="text" name="surnavn"></p>
<p>Username:<br><input type="text" name="username"></p>
<p>Password:<br><input type="text" name="password"></p>
<p>Adresse:<br><input type="text" name="adresse"></p>
<p>Zipcode:<br><input type="text" name="zipcode"></p>
<p>City:<br><input type="text" name="city"></p>
<p>Phone:<br><input type="text" name="phone"></p
<p>Mail:<br><input type="text" name="mail"></p>
<p> What is your profession? <p>
<INPUT TYPE=CHECKBOX NAME="Profession" VALUE="Student" CHECKED> Student
<INPUT TYPE=CHECKBOX NAME="Profession" VALUE="Teacher" CHECKED> Teacher
<INPUT TYPE=CHECKBOX NAME="Profession" VALUE="Teacher Assistent"
CHECKED> Teacher Assistent
<p><input type="submit" value="Submit"></p>
</body> </html>'''
"Pete....." <he********@yahoo.com> writes: Hi, yeah It's try I want to change it to a python.cgi.script. And thanks for your input.....
I use the api pgsql So the first thing I do is to import the following and connect to the server:
#!/pack/python-2.3.2/bin/python2.3 from pyPgSQL import PgSQL import cgi import cgitb cgitb.enable()
form = cgi.FieldStorage() ( I added this ) connect = PgSQL.connect(user="vvvvv", password="zzzzz", host="xxx.xxx.xx", database="yyyyy")
Do I then have to write:
PgSQL.query(''' INSERT into form Select persons.idpersons, person.username, persons.surname, phone.phone (And so on ) ( its what the specific tables are called in my database) From persons, phone ( And so on ) Where persons.name = 'Name'%s AND persons.surname ='Surname'%s AND persons.username = 'Username'%s ''' (And so on with the rest) % (form['name'].value, form['surname'].value, form['username'].value))
I dont think I get it quite right, any help would be highly appreciated. Thanks for all help...
It looks to me like the part here that you don't understand is how to
interpolate your form data into the string for the database query.
You should study up on the % string formatting operator in the Python
docs.
I'll throw you a bone here;
"""
%s %s %s
""" % (form[key1].value, form[key2].value, form[keyN].value)
Each of those %s tokens is going to be replaced with one of the values
in the tuple right of the % operator.
If you want to pile the form values into a dict and then use symbolic
names in the string...
dict = {}
for key in form:
dict[key] = form[key].value
"""
%(key1)s %(key2)s...
""" % dict
Maybe there is a function in the cgi module that will make the dict
for you? I am not sure.
Have fun!
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
Hi again and thanks.
I think I understand the meaning of string formatting operators, I also
understand the meaning with % (form['name'].value, form['surname'].value,
form['username'].value)) And that it is a dictionary that I use.
The thing I find really hard to understand is how I can send the data from
the webform to my postgresql database. I cant find the right commands, i
been searching the web for days now without luck.
PgSQL.query(''' INSERT into form Select persons.idpersons, person.username,
persons.surname, phone.phone (And so on ) ( its what the specific tables is
called in my db)
From persons, phone( And so on )
Where persons.name = 'Name'%s
AND persons.surname ='Surname'%s
AND persons.username = 'Username'%s ''' (And so on with the rest)
I dont really know if I have to write Pgsql.query("INSERT into form
.........................
or if I have to write something else.
I know that I have to take the input from my webform, and store each input
( with each input I mean what the user types in each field, could be the
name, the username etc) in a "variable" so that I can put it into the right
place in the db.
I can see that I do this by using % (form['name'].value,
form['surname'].value, form['username'].value))
But I dont know how I put the data form['name].value in to my database in
the table persons.name.
Sorry for all this questions, just getting really confused with this little
project of mine, thinks its fun, but I just cant figure it out anymore, and
I cant find any info I can use on the web....
Thanks for taking your time to read this....
"Jerry Sievers" <je***@jerrysievers.com> wrote in message
news:m3************@prod01.jerrysievers.com... "Pete....." <he********@yahoo.com> writes:
Hi, yeah It's try I want to change it to a python.cgi.script. And thanks for your input.....
I use the api pgsql So the first thing I do is to import the following and connect to the server:
#!/pack/python-2.3.2/bin/python2.3 from pyPgSQL import PgSQL import cgi import cgitb cgitb.enable()
form = cgi.FieldStorage() ( I added this ) connect = PgSQL.connect(user="vvvvv", password="zzzzz", host="xxx.xxx.xx", database="yyyyy")
Do I then have to write:
PgSQL.query(''' INSERT into form Select persons.idpersons, person.username, persons.surname, phone.phone (And so on ) ( its what the specific tables are called in my database) From persons, phone ( And so on ) Where persons.name = 'Name'%s AND persons.surname ='Surname'%s AND persons.username = 'Username'%s ''' (And so on with the rest) % (form['name'].value, form['surname'].value, form['username'].value))
I dont think I get it quite right, any help would be highly appreciated. Thanks for all help...
It looks to me like the part here that you don't understand is how to interpolate your form data into the string for the database query.
You should study up on the % string formatting operator in the Python docs.
I'll throw you a bone here;
""" %s %s %s """ % (form[key1].value, form[key2].value, form[keyN].value)
Each of those %s tokens is going to be replaced with one of the values in the tuple right of the % operator.
If you want to pile the form values into a dict and then use symbolic names in the string...
dict = {} for key in form: dict[key] = form[key].value
""" %(key1)s %(key2)s... """ % dict
Maybe there is a function in the cgi module that will make the dict for you? I am not sure.
Have fun!
-- ------------------------------------------------------------------------------- Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant 305 321-1144 (mobile http://www.JerrySievers.com/
[Pete] [snip] Below is the code from my webpage form:
<form action="default.asp" method="post">
You should note that the action attribute of a form must contain the URL
to which the form variables will be POSTed.
If you are writing a python CGI script, then action="default.asp" is
almost certainly wrong, unless you have called your python script
"default.asp".
The URL for your python script is the value that should go in the action
attribute, like so
<form action="http://mydomain.com/cgi-bin/my_cgi_script.py" method="post">
or you could leave out the server name bit.
<form action="/cgi-bin/my_cgi_script.py" method="post">
HTH,
--
alan kennedy
------------------------------------------------------
email alan: http://xhaus.com/contact/alan
"Pete....." <he********@yahoo.com> writes: Hi again and thanks. I think I understand the meaning of string formatting operators, I also understand the meaning with % (form['name'].value, form['surname'].value, form['username'].value)) And that it is a dictionary that I use.
The thing I find really hard to understand is how I can send the data from the webform to my postgresql database. I cant find the right commands, i been searching the web for days now without luck.
PgSQL.query(''' INSERT into form Select persons.idpersons, person.username,
You mean that whatever docs for the PgAPI that you are using don't
explain?
I am using pygresql. There are others.
from pgdb import connect
conn = connect(database = 'db', username = 'user', password = 'passwd')
cursor = conn.cursor()
cursor.execute("insert into foo values (1)")
conn.commit()
That's about all the help I can give you.
Good luck
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/
Pete,
What you're looking for is an INSERT SQL query. You can find the basic
theory and some more advanced bits 'n pieces here (specifically
PostgreSQL): http://www.commandprompt.com/ppbook/...ap=x5504%2ehtm
The question that you're asking is so vague that you should think about
reading up on SQL before going any further - you may find yourself
quickly overwhelmed otherwise.
Andrew
On Tue, 2004-11-23 at 20:43 +0000, Alan Kennedy wrote: [Pete] > [snip] > Below is the code from my webpage form: > > <form action="default.asp" method="post">
You should note that the action attribute of a form must contain the URL to which the form variables will be POSTed.
If you are writing a python CGI script, then action="default.asp" is almost certainly wrong, unless you have called your python script "default.asp".
The URL for your python script is the value that should go in the action attribute, like so
<form action="http://mydomain.com/cgi-bin/my_cgi_script.py" method="post">
or you could leave out the server name bit.
<form action="/cgi-bin/my_cgi_script.py" method="post">
HTH,
-- alan kennedy ------------------------------------------------------ email alan: http://xhaus.com/contact/alan
--
Andrew James <dr**@gremlinhosting.com>
First thanks for all your friendly input and for looking at this once
again...
I think I made some progress, but its still not working, so I must still do
something wrong.
Here is how far I have come.
I made an insertintotable script, that I want to run every time a person
presses "The submit button on my webpage" It goes like this:
--------------------------------------------------------------------
#!/pack/python-2.3.2/bin/python2.3
from pyPgSQL import PgSQL
import cgi
import cgitb
cgitb.enable()
form = cgi.FieldStorage()
connect = PgSQL.connect(user="user", password="password", host="host",
database="database")
cur = connect.cursor()
cur.execute('''INSERT INTO persons (name, surname, username, password)
(VALUES(%s,%s, %s, %s)''')
%(form[name].value, form[surname].value, form[username].value,
form[password].value)
---------------------------------------------------------------------------------------------
My question is, do I need more code to tell the program that I want to
transfer the user input ( on my webpage ) to my postgresql database.
---------------------------------------------------------------------------
The code from my webpage is:
#!/pack/python-2.3.2/bin/python2.3
from pyPgSQL import PgSQL
import cgi
import cgitb
cgitb.enable()
print '''
<html>
<head>
<title> Adminperson </title>
</head>
<body bgcolor="#0479ff">
<h1><p align="center">Insert Person</h1></p>
<hr>
<form action="insertintotable.py" method="get">
<p>Name:<br><input type="text" name="name"></p>
<p>Surname:<br><input type="text" name="surnavn"></p>
<p>Username:<br><input type="text" name="usernavn"></p>
<p>Password:<br><input type="text" name="password"></p>
<p><input type="submit" value="Submit"></p>
</body> </html>'''
------------------------------------------------------------------------
And once again thanks...
The error I get is that when this code starts: %(form[name].value,
form[surname].value, form[username].value, form[password].value)
it says that NameError: name 'name' is not defined
args = ("name 'nama' is not defined",)
which is from the html webpage form code
form action="insertintotable.py" method="get">
<p>Name:<br><input type="text" name="name"></p>
Any ideas ?
Thanks all
"Pete....." <he********@yahoo.com> wrote in message
news:41***********************@nntp06.dk.telia.net ... First thanks for all your friendly input and for looking at this once again...
I think I made some progress, but its still not working, so I must still do something wrong. Here is how far I have come.
I made an insertintotable script, that I want to run every time a person presses "The submit button on my webpage" It goes like this: -------------------------------------------------------------------- #!/pack/python-2.3.2/bin/python2.3
from pyPgSQL import PgSQL import cgi import cgitb cgitb.enable()
form = cgi.FieldStorage()
connect = PgSQL.connect(user="user", password="password", host="host", database="database") cur = connect.cursor() cur.execute('''INSERT INTO persons (name, surname, username, password) (VALUES(%s,%s, %s, %s)''') %(form[name].value, form[surname].value, form[username].value, form[password].value) --------------------------------------------------------------------------------------------- My question is, do I need more code to tell the program that I want to transfer the user input ( on my webpage ) to my postgresql database. --------------------------------------------------------------------------- The code from my webpage is:
#!/pack/python-2.3.2/bin/python2.3
from pyPgSQL import PgSQL import cgi import cgitb cgitb.enable()
print '''
<html>
<head>
<title> Adminperson </title>
</head>
<body bgcolor="#0479ff">
<h1><p align="center">Insert Person</h1></p>
<hr>
<form action="insertintotable.py" method="get"> <p>Name:<br><input type="text" name="name"></p> <p>Surname:<br><input type="text" name="surnavn"></p> <p>Username:<br><input type="text" name="usernavn"></p> <p>Password:<br><input type="text" name="password"></p> <p><input type="submit" value="Submit"></p> </body> </html>''' ------------------------------------------------------------------------ And once again thanks...
Hi I got that error debugged but, now there is a new one:
12 cur.execute('''INSERT INTO persons (persons.name,
persons.surname, persons.username, persons.password) VALUES %s,%s, %s, %s
''' %(form['name'].value, form['surname'].value, form['username'].value,
form['password'].value))
13
cur = <pyPgSQL.PgSQL.Cursor instance>, cur.execute = <bound method
Cursor.execute of <pyPgSQL.PgSQL.Cursor instance>>, form =
FieldStorage(None, None, [MiniFieldStorage('name...name', 'sa'),
MiniFieldStorage('password', 'a')]), ].value = [MiniFieldStorage('name',
's'), MiniFieldStorage('surname', 'd'), MiniFieldStorage('username', 'sa'),
MiniFieldStorage('password', 'a')]
/pack/python-2.3.2/lib/python2.3/site-packages/pyPgSQL/PgSQL.py in
execute(self=<pyPgSQL.PgSQL.Cursor instance>, query='INSERT INTO persons
(persons.name, persons.surna...ns.username, persons.password) VALUES s,d,
sa, a ', *parms=())
3070 self.conn.__dict__["inTransaction"] = 0
3071 self.conn._Connection__closeCursors()
3072 raise OperationalError, msg
3073 except InternalError, msg:
3074 # An internal error occured. Try to get to a sane
state.
global OperationalError = <class libpq.OperationalError>, msg =
<libpq.OperationalError instance>
OperationalError: ERROR: syntax error at or near "." at character 29
args = ('ERROR: syntax error at or near "." at character 29\n',)
Cant figure that one out....
Thanks for all help.....
On Wed, 2004-11-24 at 02:16 +0100, Pete..... wrote: Hi I got that error debugged but, now there is a new one: 12 cur.execute('''INSERT INTO persons (persons.name, persons.surname, persons.username, persons.password) VALUES %s,%s, %s, %s ''' %(form['name'].value, form['surname'].value, form['username'].value, form['password'].value))
That syntax doesn't look right. I think you were closer with your
previous attempt. This is slightly more correct
cur.execute('''INSERT INTO persons (name, surname, username, password)
VALUES('%s','%s', '%s', '%s')''' % (form[name].value,
form[surname].value, form[username].value, form[password].value))
(Note the single quotes around the %s)
The real problem with this code is that you are letting the user of your
website inject whatever SQL they want directly into your command. I am
not sure if this works for pypgsql, but with psycopg the safe way to do
this is
insert_command = '''
INSERT INTO persons (name, surname, username, password)
VALUES(%s, %s, %s, %s)
'''
cur.execute(insert_command,
(form[name].value, form[surname].value, \
form[username].value, form[password].value))
I believe this works with other DB API 2.0 compatible modules. This lets
the database module worry about whether "jim's house" needs to be turned
into "jim\\'s house" or "'jim\\'s house'"
HTH
-Mark
Mark Roach <mr*****@okmaybe.com> writes: On Wed, 2004-11-24 at 02:16 +0100, Pete..... wrote:
That syntax doesn't look right. I think you were closer with your previous attempt. This is slightly more correct
cur.execute('''INSERT INTO persons (name, surname, username, password) VALUES('%s','%s', '%s', '%s')''' % (form[name].value, form[surname].value, form[username].value, form[password].value))
(Note the single quotes around the %s)
The real problem with this code is that you are letting the user of your website inject whatever SQL they want directly into your command. I am not sure if this works for pypgsql, but with psycopg the safe way to do this is
If you are using pygresql the execute() method allows an optional dict
as arg2 and if provided, will be quoted according to data types and
the LHS string integrated with the dict as if by the % operator.
cur.execute('query')
cur.execute('query with hand quoted args %s' % (foo))
cur.execute('query with args quoted by API %(name1)s, %(name2)d',dict)
String types will get wrapped in single quotes and have embedded
single quotes escaped, the most common use but other types such as
datetime will get special treatment as well.
I agree with you. Any up to date API should have this capability
which can always be overridded in an extreme case.
Bye
--
-------------------------------------------------------------------------------
Jerry Sievers 305 854-3001 (home) WWW ECommerce Consultant
305 321-1144 (mobile http://www.JerrySievers.com/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Andrew |
last post by:
Can someone out there help. I am using Server.
Transfer from a user control to a webform and tried to follow many
examples exactly as specified but cannot get around the (Specified
cast is not...
|
by: Jeremy |
last post by:
I'm having some problems with using Server.Transfer and I
am hoping somebody can help me.
Page 1 has a datagrid, Page 2 has a form.
If a user goes to page 1 and selects something out of the...
|
by: Alexander Bosch |
last post by:
Hi,
I'm having a problem similar to the one that's stated in this KB
http://support.microsoft.com/default.aspx?scid=kb;en-us;839521
When I'm posting a page to itself with the bool value as true it...
|
by: Michael |
last post by:
I am using Visual Studio 2005 (ASP 2.0) to build a webpage that uses a
Microsoft Access Database. The data in the database
simply holds the information on a link to a document that I am storing on...
|
by: shivavrata |
last post by:
Hi All,
I want to transfer the data form webpage to any other own application
which is running in backend.How i develop this web page. which
technology is good for this or any particular protocol...
|
by: JohnM |
last post by:
I can transfer from a query with
DoCmd.TransferSpreadsheet acExport, acSpreadsheetTypeExcel8, "Filenam",
CPath, True
I would like to use a form for the user to select and order data then...
|
by: Bob Alston |
last post by:
I have been trying to make sure my transfer of data from BE to FE is the
lowest possible.
I found this info in a web posting by Pat Partman, a MVP, here
...
|
by: rustyc |
last post by:
Well, here's my first post in this forum (other than saying 'HI' over in the hi forum ;-)
As I said over there:
... for a little side project at home, I'm writing a ham radio web site in...
|
by: =?Utf-8?B?YWxiZXJ0b3Nvcmlh?= |
last post by:
Hi,
I'm using Threads, and when I try to do Server.Transfer, I recieved an
error. (child object does not exist...)
My Code:
Dim t As New Thread(AddressOf Hilo)
Private Sub Hilo()...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: Shællîpôpï 09 |
last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
| |