Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Insert String in Python SQLite Statement

Tags:

python

string

sqlite

I'm trying to insert a string into a SQLite Select statement in python. When I try this code:

cur.execute("SELECT * FROM DB WHERE employeeNum = '?'",(empNum,))

I get this error:

sqlite3.ProgrammingError: Incorrect number of bindings supplied. The current statement uses 0, and there are 1 supplied.

When I try this code:

cur.execute("SELECT * FROM DB WHERE employeeNum = '",empNum,"'")

I get this error: 

TypeError: function takes at most 2 arguments (3 given)

How do I query this string? Sorry I'm new to python. Any help would be greatly appreciated!

like image 371
user908759 Avatar asked Apr 08 '26 22:04

user908759

1 Answers

Do not use string formatting to insert query parameters into the query - this would make sql injections possible, you would have problems with characters that need to be escaped, with data type conversions etc.

Eliminate the quotes around ? and continue using parameterized query parameters:

cur.execute("SELECT * FROM DB WHERE employeeNum = ?", (empNum, ))

The quotes around ? made sqlite interpret ? as a string, not a placeholder.

Also see similar problem:

  • SQLite parameter substitution and quotes
like image 100
alecxe Avatar answered Apr 11 '26 13:04

alecxe
Sign in to Comment

Related questions

Serialization of the user Class in Python
Using vectorization in Pandas when in each row you need to use the whole data to compare
Run a single test with multiple configs in parallel using pytest

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!