即使没有语法错误，Sqlite 语法错误.帮助? [英] Sqlite syntax error even though there's no syntax error. Help?

问题描述

这是我用来更新我的 sqlite 数据库中信息的代码:

Here's the code I use to update information in my sqlite database:

self.c.execute("UPDATE proxydata (proxy, description) VALUES ('" + proxy + "', '" + description + "') WHERE proxy='" + proxy + "'")

但我收到此错误:

sqlite3.OperationalError: near "(": syntax error

在我的一生中，我找不到任何错误.执行时的两个变量都是格式正确的字符串.

For the life of mine I can't find an error. Both variables upon execution are correctly formated strings.

这很好用:

self.c.execute("UPDATE proxydata SET description='" + description + "' WHERE proxy='" + proxy + "'")

您可以关闭线程.

推荐答案

使用参数化的 sql:

Use a parametrized sql:

sql='UPDATE proxydata SET description = ? WHERE proxy = ?'
args=[decription,proxy]
self.c.execute(sql,args)

这显然更容易，因为您不必自己引用参数，因此不容易出错.它也更安全，因为参数化 sql 允许 sqlite3 防止 sql 注入.

This is clearly easier, since you don't have to quote the arguments yourself, and thus less error-prone. It is also safer, since parametrizing the sql allows sqlite3 to protect against sql injection.

请注意，如果 proxy 或 description 本身包含单引号，则需要对其进行转义.您手动构造的 SQL 语句没有正确转义该类型的引号.这可能是您看到的语法错误的原因.

Note if proxy or description itself contains a single quotation mark, then it would need to be escaped. Your manual construction of the SQL statement does not properly escape that type of quotation mark. It might be the cause of the syntax error you are seeing.

正如其他人所指出的，语法错误的真正来源很简单，UPDATE ... VALUES ... WHERE 不是有效的(sqlite)SQL.正确的UPDATE语法是UPDATE ... SET ... WHERE.

As others have noted, the real source of the syntax error is simply that UPDATE ... VALUES ... WHERE is not valid (sqlite) SQL. The proper UPDATE syntax is UPDATE ... SET ... WHERE.

这篇关于即使没有语法错误，Sqlite 语法错误.帮助?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！