[Tutor] make a sqlite3 database from an ordinary text file
Alan Gauld
alan.gauld at yahoo.co.uk
Mon Jun 20 13:32:20 EDT 2022
On 20/06/2022 17:18, Dennis Lee Bieber wrote:
> The SQLite3 adapter appears to inherently block using parameterized
> queries to modify the database schema. If you REALLY must generate the
> schema using data from a file, you have to do all of the that in Python,
Ah! I didn't know that. Precisely because I never use Python
to create a database!
> per the warning about SQL injection attacks, you should NEVER use string
> interpolation (or other formatting operations) in Python to work with data
> for the database.
That's true, although I might not say NEVER, since often you write
one-off scripts for database work that nobody else ever uses. But the
official mechanism works well enough for most real cases that there's
rarely any reason not to use it.
And creating tables and columns dynamically is frought with problems
too. It's like trying to create variables in code from user input - how
does the rest of the code refer to those values? For variables we can
use a dictionary as a partial solution but for a database it gets very
messy with the need to look at the meta data before performing any action.
--
Alan G
Author of the Learn to Program web site
http://www.alan-g.me.uk/
http://www.amazon.com/author/alan_gauld
Follow my photo-blog on Flickr at:
http://www.flickr.com/photos/alangauldphotos
More information about the Tutor
mailing list