0

In Python 3 I'm trying to do a simple query on a sqlite table, where the user inputs the table name. However I can't manage to add the input variable to the query. Part of the code goes like this:

choice = input ("Enter table name ")
    c.execute("SELECT * FROM ?", choice)
    print(c.fetchall())

Errormsg. is:

sqlite3.OperationalError: near "?": syntax error

I've tried different variations, without luck. Anyone know if there is good solution?

Thanks, -Espen

Espen
  • 147
  • 4
  • 16
  • You should inspect the query string before firing it off (print it, look at it, think about it). My guess is that you are struggling with basic string construction in Python. – Dr. Jan-Philip Gehrcke May 22 '15 at 18:44
  • @Jan-PhilipGehrcke That's actually the preferred method for parameter passing into sql queries to avoid sql injection, but it looks like you cannot do it for table names according to the dupe. – C.B. May 22 '15 at 18:46
  • I see, then sorry for the noise. – Dr. Jan-Philip Gehrcke May 22 '15 at 18:51
  • Jan-Philip: I did try to print out the string, and it shows correct. C.B: I did find some similar posts like you refeer to, but I found it somehow unclear if it was possible or not at all. But I guess It can't be done then. Thanks anyway :) – Espen May 22 '15 at 18:58

0 Answers0