[Tutor] sqlite: does "?" work in PRAGMA commands?

Terry Carroll carroll at tjc.com
Thu Aug 2 08:46:20 CEST 2007

I'm using sqlite for the first time, so I'm not sure whether I'm trying to 
do something unsupported. or whether I'm trying to do something that's 
supported, but doing it wrong.

I want to get information about a table in my database.  The variable
tablename holds the name of the table, and self.dbconn.execute is a valid
connection object.

This works:

pragma_cmd = GET_TABLE_INFO_COMMAND % tablename
field_data = self.dbconn.execute(pragma_cmd)

But I'm mindful of the warning ("# Never do this -- insecure!") at
http://docs.python.org/lib/module-sqlite3.html, and I'd like to get into
the habit of doing that; so instead I tried it this way (and many
variations of it):

field_data = self.dbconn.execute(pragma_cmd, (tablename))

I get the error:

  sqlite3.OperationalError: near "?": syntax error

Some of the variations included using "tablename" or "(tablename,)" for 
the second parameter; it made no difference.

Does the "?" approach not work with PRAGMA commands or something; or am I
doing this wrong?

More information about the Tutor mailing list