Reputation: 2060
I am new to using SQLite with Python and we have been given code in which there is this statement:
c.execute('INSERT INTO users VALUES (?,?)', user)
I am not sure what the question marks (?,?) mean. I have tried reading the documentation on the sqlite3 website but was not able to get anywhere. It would be a great help if someone could tell me or direct me to the right link.
Thank you
Upvotes: 0
Views: 130
Reputation: 152927
They are placeholders for literal values that can be bound to a prepared SQL statement. Essentially it allows you to supply literal values in the SQL program without putting them into the SQL string. This both prevents SQL injection attacks and improves performance if you're running the same query with different parameter values - the SQL has to be compiled only once.
Upvotes: 1
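The behaviour described in the answer, as an added example (not code from the question or the answer): the same values are passed once through `?` placeholders and once through string formatting, so the difference between bound data and SQL text is visible. The two-column `users` table, its column names, the helper function names and the sample values are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    # In-memory database; the two-column layout of `users` is an assumption.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    return conn

def insert_bound(conn, user):
    # One ? per column; the tuple is bound by position and never parsed as SQL.
    conn.execute("INSERT INTO users VALUES (?,?)", user)

def insert_formatted(conn, user):
    # Anti-pattern, for contrast only: values spliced into the SQL text.
    conn.execute("INSERT INTO users VALUES ('%s','%s')" % user)

def find_bound(conn, name):
    cur = conn.execute("SELECT name FROM users WHERE name = ? ORDER BY rowid", (name,))
    return cur.fetchall()

def find_formatted(conn, name):
    cur = conn.execute("SELECT name FROM users WHERE name = '%s' ORDER BY rowid" % name)
    return cur.fetchall()

def demo():
    conn = make_db()
    insert_bound(conn, ("alice", "alice@example.com"))   # constructed sample rows
    insert_bound(conn, ("O'Brien", "ob@example.com"))    # quote stored verbatim
    try:
        insert_formatted(conn, ("O'Brien", "ob@example.com"))
        formatted_insert_failed = False
    except sqlite3.OperationalError:
        formatted_insert_failed = True                   # the quote ended the literal early
    crafted = "nobody' OR '1'='1"                        # constructed input containing SQL syntax
    return {
        "formatted_insert_failed": formatted_insert_failed,
        "bound_lookup": find_bound(conn, "O'Brien"),
        "bound_crafted": find_bound(conn, crafted),
        "formatted_crafted": find_formatted(conn, crafted),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With the placeholder, the crafted string is compared as an ordinary name and matches nothing; with string formatting it becomes part of the WHERE clause and every row comes back.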