Python pysqlite not accepting my qmark parameterization

StackOverflow https://stackoverflow.com/questions/474261

Question

I think I am being a bonehead, maybe not importing the right package, but when I do...


from pysqlite2 import dbapi2 as sqlite
import types
import re
import sys
...
    def create_asgn(self):
        stmt = "CREATE TABLE ? (login CHAR(8) PRIMARY KEY NOT NULL, grade INTEGER NOT NULL)"
        stmt2 = "insert into asgn values ('?', ?)"
        self.cursor.execute(stmt, (sys.argv[2],))
        self.cursor.execute(stmt2, [sys.argv[2], sys.argv[3]])
...
 I get the error pysqlite2.dbapi2.OperationalError: near "?": syntax error

This makes very little sense to me, as the docs show that pysqlite is qmark parametrized. I am new to python and db-api though, help me out! THANKS

Was it helpful?

Solution

That's because parameters can only be passed to VALUES. The table name can't be parametrized.

Also you have quotes around a parametrized argument on the second query. Remove the quotes, escaping is handled by the underlining library automatically for you.

OTHER TIPS

Try removing the quotes in the line that assigns to stmt2:

    stmt2 = "insert into asgn values (?, ?)"

Also, as nosklo says, you can't use question-mark parameterisation with CREATE TABLE statements. Stick the table name into the SQL directly.

If you really want to do it, try something like this:

def read(db="projects"):

sql = "select * from %s"
sql = sql % db
c.execute(sql)
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top