新手,小问题,大家帮帮

新手,小问题,大家帮帮

#!C:\Python25\python.exe
print "Content-type:text/html\n"
import MySQLdb
import cgi
print "\n"
print "<h2>Hello, World!</h2>"
try:
    conn = MySQLdb.connect("localhost","root","123456","gy")
except Exception, gy:
    print gy
    sys.exit()
cursor=conn.cursor()
cursor.execute("select * from test order by %s,%s" % (group,sor))#这一行有问题,用%s来代替就不好用了。。
aaa=cursor.fetchall()
bbb=cursor.description
cursor.close()
conn.close()
print aaa
sss=cgi.FieldStorage()
print "###########"
if sss.has_key("sortby"):
    group = sss["sortby"].value
else:
    group = "id"
if sss.has_key("sortorder"):
    sor = sss["sortorder"].value
else:
    sor = "asc"
print "###########"

print "<br>"


print """<table border="1" cellpadding="3"><tr bgcolor="silver">"""
for item in bbb:
    print "<td>%s</td>" % item[0]
print "</tr>"

for item2 in aaa:
    print """<tr bgcolor="silver">"""
    for item3 in item2:
        print "<td>%s</td>" % item3
    print "</tr>"
print """</table>"""

print """<form method="post" aotion="aa.py">
bort by:"""
for qw in bbb:
    print """<input type="radio" name="sortby" value="%s">%s""" % (qw[0],qw[0])  
print """<br>
nsort oraer:
<input type="radio" name="sortorder" value="asc">ascending
<input type="radio" name="sortorder" value="desc">descengding
<input type="submit" value="sort" />
</form>"""
说说出了什么问题!!!
就是好用嘛。。。
cursor.execute("select * from test order by %s,%s" % (group,sor))#这一行有问题,用%s来代替就不好用了。。
cursor.execute("select * from test order by %s,%s" % (group,sor))这个执行时group,sor值是什么?跟本就没赋值怎么会好用?

sss=cgi.FieldStorage()
print "###########"
if sss.has_key("sortby"):
    group = sss["sortby"].value
else:
    group = "id"
if sss.has_key("sortorder"):
    sor = sss["sortorder"].value
else:
    sor = "asc"

try:
    conn = MySQLdb.connect("localhost","root","123456","gy")
except Exception, gy:
    print gy
    sys.exit()
cursor=conn.cursor()
cursor.execute("select * from test order by %s,%s" % (group,sor))
aaa=cursor.fetchall()
bbb=cursor.description
cursor.close()
conn.close()
print aaa
楼上正解,把取参数放前面唉。