On Thu, Oct 22, 2020 at 8:12 PM Hans Ginzel <h...@matfyz.cz> wrote: > > Hello, > > consider this snippet please > > cursor.execute(f"INSERT INTO {table} VALUES (1, '{}');") > SyntaxError: f-string: empty expression not allowed > > It is (absolutely) correct to insert empty json into database table field. > Empty expression in f-string should > * (silently) expand as '{}' (opening and closing braces), > * generate a (compile time) warning if requested, e.g. with -W.
My recommendation here would be to separate the part where you insert a table name from the rest of the statement: cursor.execute(f"INSERT INTO {table} " "VALUES (1, '{}')") That way, you aren't at risk of SQL injection in the rest of the statement, and you have a very clear separation saying "hey this bit is doing something really unusual and using interpolation in SQL". ChrisA _______________________________________________ Python-ideas mailing list -- python-ideas@python.org To unsubscribe send an email to python-ideas-le...@python.org https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/DS3RXBCWFP2UEQTM2CAM4ZBLNBAECZWJ/ Code of Conduct: http://python.org/psf/codeofconduct/