[docs] proposal to improve documentation for parameterized SQLite .execute method
Stephen Holland M.D.
sholland at mac.com
Tue Oct 26 17:26:56 CEST 2010
Hello! I appreciate all the work that has gone into the python system. I was using the sqlite3 package and found a documentation issue that has to have caused problems for other users and I would like to help improve the documentation.
From web page
in the initial section regarding the description of parameter substitution and in the section on execute examples are given for using this technique.
As a responsible sql writer, I knew that strings that contain spaces need to be quoted in as SQL insert statement. The examples did not contain any space containing strings, so when I tried to use the technique I put quotes around the ? in the .execute method call, as I was using data that had spaces and other punctuation within it. This causes an error. The cursor method automatically quotes the strings, and actually errors out if the ? is quoted.
I propose that the examples contain some insertions that include spaces, and additional documentation to describe what other safety steps are done in parameter substitution to the arguments.
More information about the docs