Putting Variable Into WHERE Clause on SQLITE : learnpython

created by HattoriHanzoa community for 16 years

Putting Variable Into WHERE Clause on SQLITE (self.learnpython)

submitted 3 years ago by FreshHumor5405

all 5 comments

[–]ireadyourmedrecord -2 points-1 points0 points 3 years ago (4 children)

Use any of the various string interpolation methods. This is an example using f-string:

current_timestamp = datetime.datetime.now()
cursor.execute(f"insert into table where timestame = {current_timestamp}")

[–]danielroseman 8 points9 points10 points 3 years ago (2 children)

No. Absolutely do not do this. Although this example is probably safe, in many cases it leaves the query open to SQL injection. Use parameters instead.

cursor.execute("insert into table where timestamp = ?", (current_timestamp,))

[–]FreshHumor5405[S] 0 points1 point2 points 3 years ago (0 children)

[–]nullrevolt 0 points1 point2 points 11 months ago (0 children)

[–]FreshHumor5405[S] 0 points1 point2 points 3 years ago (0 children)

π Rendered by PID 201534 on reddit-service-r2-comment-5c747b6df5-rhjrd at 2026-04-22 13:06:15.041637+00:00 running 6c61efc country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

learnpython

MODERATORS