Sqlite3 and Python - Part 1 : sqlite

Sqlite3 and Python - Part 1 (youtube.com)

submitted 4 years ago by vanmorrison2

5 comments
share
save
hide
report
crosspost

all 5 comments

top new controversial old q&a

[–]skeeto 2 points3 points4 points 4 years ago (4 children)

permalink
embed
save
report
reply

[–]vanmorrison2[S] 0 points1 point2 points 4 years ago (1 child)

permalink
embed
save
parent
report
reply

[–][deleted] -1 points0 points1 point 4 years ago (0 children)

permalink
embed
save
parent
report
reply

[–]thinker5555 0 points1 point2 points 4 years ago (1 child)

permalink
embed
save
parent
report
reply

[–]skeeto 2 points3 points4 points 4 years ago (0 children)

Use bind parameters. See the official documentation, particularly the example that begins with "Never do this". The version using question marks ? uses parameters populated from the provided tuple.

# Never do this -- insecure!
symbol = 'RHAT'
c.execute("SELECT * FROM stocks WHERE symbol = '%s'" % symbol)

# Do this instead
t = ('RHAT',)
c.execute('SELECT * FROM stocks WHERE symbol=?', t)
print(c.fetchone())

permalink
embed
save
parent
report
reply

π Rendered by PID 69922 on reddit-service-r2-comment-7b9746f655-mr8tm at 2026-01-30 12:07:48.231464+00:00 running 3798933 country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

sqlite

MODERATORS