[Tutor] sqlite
Neil D. Cerutti
neilc at norwich.edu
Fri May 13 16:25:49 EDT 2016
On 5/3/2016 11:40 AM, Alan Gauld via Tutor wrote:
> On 03/05/16 10:09, Crusier wrote:
>
>> I am just wondering if there is any good reference which I can learn how to
>> program SQLITE using Python
>>
>> I can not find any book is correlated to Sqlite using Python.
>
> You can try my tutorial below.
>
> http://www.alan-g.me.uk/tutor/tutdbms.htm
>
> If you want very similar information in book form then
> our book 'Python Projects' contains a chapter on databases,
> half of which is SQLite based.
>
> If you want a good book on SQLite itself I can recommend:
>
> Using SQLIte by Kreibich.
From your tutorial:
query = '''INSERT INTO Address
(First,Last,House,Street,District,Town,PostCode,Phone)
Values ("%s","%s","%s","%s","%s","%s","%s","%s")''' %\
(first, last, house, street, district, town, code, phone)
I am not an expert on SQLite, but that doesn't appear to be a wise way
to call SQL from Python. Are the double-quotes enough to protect you
from malicious data?
--
Neil Cerutti
More information about the Tutor
mailing list