0

I'm having trouble calling this SQL command, I am getting: 'OperationalError: near "'0-0'": syntax error'

My call is as follows:

users_db_curs.execute("INSERT INTO `"+table_name+"` (uID, username, password, creator_exp, location) 
VALUES ('"+user_ID+"', '"+username+"', '"+password+"', '"+creator_exp+"', '0-0')")
Tim M.
54.5k14 gold badges126 silver badges167 bronze badges
asked May 6, 2012 at 9:38
3
  • Syntax depends on specific SQL implementation--you should specify the database you are using. Commented May 6, 2012 at 9:46
  • @TimMedora I'm a bit confused! :P I'm doing this as a part of a study on databases now that I've completed the w3schools tutorials. That's using sqlite3.cursor() on a .db file. Commented May 6, 2012 at 9:54
  • Sounds like you are using SQL Lite then. That should be enough info for someone to help you (unfortunately I'm not familiar with the syntax). Commented May 6, 2012 at 9:57

2 Answers 2

1

I tested your statement and it should work fine if your different variables are correctly formatted to be directly concatenated in the statement string litteral:

>>> import sqlite3
>>> conn = sqlite3.connect(':memory:')
>>> cu = conn.cursor()
>>> cu.execute('create table foo (uID, username, password, creator_exp, location)')
<sqlite3.Cursor object at 0x7fccc2c115e0>
>>> user_ID='a'
>>> username='b'
>>> password='c'
>>> creator_exp='d'
>>> table_name='foo'
>>> cu.execute("INSERT INTO `"+table_name+"` (uID, username, password, creator_exp, location) VALUES ('"+user_ID+"', '"+username+"', '"+password+"', '"+creator_exp+"', '0-0')")
<sqlite3.Cursor object at 0x7fccc2c115e0>

It's probably not the case when you get that syntax error:

>>> username="'barf"
>>> cu.execute("INSERT INTO `"+table_name+"` (uID, username, password, creator_exp, location) VALUES ('"+user_ID+"', '"+username+"', '"+password+"', '"+creator_exp+"', '0-0')")
Traceback (most recent call last):
 File "<stdin>", line 1, in <module>
sqlite3.OperationalError: near "barf": syntax error

So just use formatted parameters instead.

>>> cu.execute("INSERT INTO `"+table_name+"` (uID, username, password, creator_exp, location) VALUES (?, ?, ?, ?, '0-0')", 
(user_ID, username, password, creator_exp))
<sqlite3.Cursor object at 0x7fccc2c115e0
answered May 6, 2012 at 10:18
Sign up to request clarification or add additional context in comments.

Comments

0 
con = sqlite.connect(db_name)
cur = con.cursor()
with con:
 cur.execute("INSERT INTO ? VALUES(?, ?, ?, ?, ?)",
 (table_name, user_ID, username, password, creator_exp))

should be working
You should read Zetcode's tutorial

answered May 6, 2012 at 10:16

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.