sqlite python 3插入错误语法
所以我有一个函数,可以读取txt,解析它,然后将它加载到sql表中sqlite python 3插入错误语法,python,sql,sqlite,syntax,operationalerror,Python,Sql,Sqlite,Syntax,Operationalerror,所以我有一个函数,可以读取txt,解析它,然后将它加载到sql表中 def main(): connection = sqlite3.connect("myTable.db") crsr = connection.cursor() lines = open("LLA03132A.txt", "r").readlines() input = Thpt(lines) sql = """CREATE table if not exists my_table (
def main():
connection = sqlite3.connect("myTable.db")
crsr = connection.cursor()
lines = open("LLA03132A.txt", "r").readlines()
input = Thpt(lines)
sql = """CREATE table if not exists my_table (
date STRING,
site STRING,
sector STRING,
avg_thpt FLOAT
);"""
crsr.execute(sql)
for x in input:
time = x[0]
site = x[1][1:8]
sector = x[1]
avg_thpt = x[2]
sql = """INSERT INTO my_table VALUES ( %s , %s , %s , %f );"""%(time, site, sector, avg_thpt)
print(sql)
crsr.execute(sql)
connection.commit()
connection.close()
然而,当我调用它时,我得到了上述错误。我做错了什么?我是否错误地命名了我的类别或值?某处有隐藏的角色吗?我正在使用datetime软件包,仅供参考
Traceback (most recent call last):
INSERT INTO my_table VALUES ( 2018-07-03 10:14:18.060416 , LA03132 , LLA03132A11 , 2637.806265 );
File "C:/Users/myname/PycharmProjects/Parser/parser2.py", line 60, in <module>
main()
File "C:/Users/myname/PycharmProjects/Parser/parser2.py", line 55, in main
crsr.execute(sql)
sqlite3.OperationalError: near "10": syntax error
问题是您试图在没有适当引号的情况下将字符串值插入数据库。如果查看打印的INSERT语句,它将打印:
INSERT INTO my_table VALUES ( 2018-07-03 10:14:18.060416 , LA03132 , LLA03132A11 , 2637.806265 );
您需要的是让它打印:
INSERT INTO my_table VALUES ( '2018-07-03 10:14:18.060416' , 'LA03132' , 'LLA03132A11' , 2637.806265 );
因此,您需要更改这行代码:
sql = """INSERT INTO my_table VALUES ( %s , %s , %s , %f );"""%(time, site, sector, avg_thpt)
为此:
sql = """INSERT INTO my_table VALUES ( '%s' , '%s' , '%s' , %f );"""%(time, site, sector, avg_thpt)
当您应该使用参数传递时,您正在使用字符串插值,这既慢又不安全 另外sqlite3.paramstyle是'qmark',所以您应该使用?作为参数的占位符:
params = (x[0], x[1][1:8], x[1], x[2])
sql = """INSERT INTO my_table VALUES (?, ?, ?, ?);"""
print(sql)
crsr.execute(sql, params)
请注意,sql和参数分别传递给驱动程序,因此数据库的任务是执行参数插值。这将使您从引用地狱中解脱出来,并通过不允许sql注入攻击使您的代码更加安全。它也更快