#3287: ensure sql arguments supplied as tuple

jeff1evesque · Oct 10, 2018 · 950f10e · 950f10e
1 parent 4c6c0ec
commit 950f10e
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 14 deletions.
diff --git a/brain/database/account.py b/brain/database/account.py
@@ -71,7 +71,7 @@ def check_username(self, username):
         sql_statement = 'SELECT * '\
             'FROM tbl_user '\
             'WHERE username=%s'
-        args = (username)
+        args = (username,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)
@@ -95,7 +95,7 @@ def check_email(self, email):
         sql_statement = 'SELECT * '\
             'FROM tbl_user '\
             'WHERE email=%s'
-        args = (email)
+        args = (email,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)
@@ -119,7 +119,7 @@ def get_password(self, username):
         sql_statement = 'SELECT password '\
             'FROM tbl_user '\
             'WHERE username=%s'
-        args = (username)
+        args = (username,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)
@@ -143,7 +143,7 @@ def get_uid(self, username):
         sql_statement = 'SELECT id_user '\
             'FROM tbl_user '\
             'WHERE username=%s'
-        args = (username)
+        args = (username,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)

diff --git a/brain/database/entity.py b/brain/database/entity.py
@@ -106,7 +106,7 @@ def get_title(self, id_entity):
         sql_statement = 'SELECT title '\
             'FROM tbl_dataset_entity '\
             'WHERE id_entity=%s'
-        args = (id_entity)
+        args = (id_entity,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)
@@ -135,7 +135,7 @@ def get_collections(self, uid):
             'FROM tbl_dataset_entity '\
             'WHERE uid_created=%s '\
             'ORDER BY datetime_created'
-        args = (uid)
+        args = (uid,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)
@@ -166,7 +166,7 @@ def get_collection_count(self, uid):
             'FROM tbl_dataset_entity '\
             'WHERE uid_created=%s'\
             ') AS c'
-        args = (uid)
+        args = (uid,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)

diff --git a/brain/database/model_type.py b/brain/database/model_type.py
@@ -49,7 +49,7 @@ def get_model_type(self, collection):
             ' INNER JOIN tbl_model_type mtype'\
             ' ON mid.model_type = mtype.id_model'\
             ' WHERE mid.collection=%s'
-        args = (collection)
+        args = (collection,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)

diff --git a/brain/database/prediction.py b/brain/database/prediction.py
@@ -79,28 +79,28 @@ def save(self, data, model_type, title):
                 sql_statement = 'INSERT INTO tbl_svm_results_probability '\
                     '(id_result, probability) VALUES(%s, %s)'
                 args = (svm_results['id'], x)
-                self.sql.execute('insert', sql_statement, args,)
+                self.sql.execute('insert', sql_statement, args)
 
             # svm decision function
             for x in decision_function:
                 sql_statement = 'INSERT INTO tbl_svm_results_decision_function '\
                     '(id_result, decision_function) VALUES(%s, %s)'
-                args = (svm_results['id'], x,)
-                self.sql.execute('insert', sql_statement, args,)
+                args = (svm_results['id'], x)
+                self.sql.execute('insert', sql_statement, args)
 
         elif model_type == 'svr':
             # svr results
             sql_statement = 'INSERT INTO tbl_prediction_results '\
                 '(model_type, title, result, uid_created, datetime_created) '\
                 'VALUES(%s, %s, %s, %s, UTC_TIMESTAMP())'
             args = (self.model_list.index(model_type) + 1, title, result, self.uid)
-            svr_results = self.sql.execute('insert', sql_statement, args,)
+            svr_results = self.sql.execute('insert', sql_statement, args)
 
             # svr r2
             sql_statement = 'INSERT INTO tbl_svr_results_r2 '\
                 '(id_result, r2) VALUES(%s, %s)'
             args = (svr_results['id'], data['r2'])
-            self.sql.execute('insert', sql_statement, args,)
+            self.sql.execute('insert', sql_statement, args)
 
         # retrieve any error(s)
         response_error = self.sql.get_errors()

diff --git a/brain/database/session.py b/brain/database/session.py
@@ -44,7 +44,7 @@ def get_session_id(self, collection):
         self.sql.connect(self.db_ml)
         sql_statement = 'SELECT id_entity FROM tbl_dataset_entity '\
             'WHERE collection=%s'
-        args = (collection)
+        args = (collection,)
         response = self.sql.execute('select', sql_statement, args)
 
         # retrieve any error(s)