try to use parametrized query:
sqlString=company['name']+","+simplejson.dumps(info)
cur.execute("INSERT INTO companyInfo VALUES (?)", (sqlString, ))
this will automatically escape your inputs.
Вопрос
I'm doing something like this in my code:
import sqlite3
...
sqlString=company['name']+","+simplejson.dumps(info)
cur.execute("INSERT INTO companyInfo VALUES("+sqlString+")")
but I'm getting the following error: cur.execute("INSERT INTO companyBlobs VALUES("+valueString+")") sqlite3.OperationalError: unrecognized token: "{"
I guess this is a problem with the escaping of the JSON data, but not sure how to fix it. Ideas?
Решение
try to use parametrized query:
sqlString=company['name']+","+simplejson.dumps(info)
cur.execute("INSERT INTO companyInfo VALUES (?)", (sqlString, ))
this will automatically escape your inputs.