Re: [Tutor] sqlite search
Alan Gauld wrote: On 18/01/13 18:11, Roger wrote: At the moment this works to search for everything beginning with A sql = SELECT * FROM plants WHERE genus LIKE 'A%'; cursor.execute(sql); SQLlite supports a form of format string where you put in some magic charactrs then provide arguments which SQLLite will substitute in your SQL statement. You can see examples of that in the database topic in my tutorial: file:///home/alang/Documents/HomePage/tutor/tutdbms.htm Look at the address book example near the end for the 'Find Entry' feature, and definitely read the 'word about security' subheading for the correct way to do it! Just to clarify, the '%' should go in the parameter string, not as part of the query string. The query string should retain the '?' (without any quotations). ~Ramit This email is confidential and subject to important disclaimers and conditions including on offers for the purchase or sale of securities, accuracy and completeness of information, viruses, confidentiality, legal privilege, and legal entity disclaimers, available at http://www.jpmorgan.com/pages/disclosures/email. ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] sqlite search
On 18/01/13 18:11, Roger wrote: At the moment this works to search for everything beginning with A sql = SELECT * FROM plants WHERE genus LIKE 'A%'; cursor.execute(sql); SQLlite supports a form of format string where you put in some magic charactrs then provide arguments which SQLLite will substitute in your SQL statement. You can see examples of that in the database topic in my tutorial: file:///home/alang/Documents/HomePage/tutor/tutdbms.htm Look at the address book example near the end for the 'Find Entry' feature, and definitely read the 'word about security' subheading for the correct way to do it! hth -- Alan G Author of the Learn to Program web site http://www.alan-g.me.uk/ ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] sqlite search
On 27 January 2013 18:21, Alan Gauld alan.ga...@btinternet.com wrote: On 18/01/13 18:11, Roger wrote: At the moment this works to search for everything beginning with A sql = SELECT * FROM plants WHERE genus LIKE 'A%'; cursor.execute(sql); SQLlite supports a form of format string where you put in some magic charactrs then provide arguments which SQLLite will substitute in your SQL statement. You can see examples of that in the database topic in my tutorial: file:///home/alang/Documents/HomePage/tutor/tutdbms.htm You might have better luck using this link: http://www.alan-g.me.uk/tutor/tutdbms.htm Look at the address book example near the end for the 'Find Entry' feature, and definitely read the 'word about security' subheading for the correct way to do it! Oscar ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] sqlite search
file:///home/alang/Documents/HomePage/tutor/tutdbms.htm You might have better luck using this link: http://www.alan-g.me.uk/tutor/tutdbms.htm Oops, thanks for spotting that! I keep two copies of the site open in separate browser tabs and mistakenly used the local file version when copying the link. Silly me! Alan G.___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
[Tutor] sqlite search
Hello, I am very new to python. Wrote a small program to use on my android phone using pickle/shelve to access data. That worked fine but i realised it would be better to use sqlite as a database to more easily modify the data. I havent got a clue about sqlite, have a book but cant find the answer My problem is this. i can access data by putting characters to search for in the program but i want it to be a variable that i can search for characters i input from keypad. I am guessing its a syntax problem? At the moment this works to search for everything beginning with A sql = SELECT * FROM plants WHERE genus LIKE 'A%'; cursor.execute(sql); slt =cursor.fetchone(); What i really need is to search for everything beginning with two letters from an input command___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
[Tutor] sqlite search syntax
Hello, I am very new to python. Wrote a small program to use on my android phone using pickle/shelve to access data. That worked fine but i realised it would be better to use sqlite as a database to more easily modify the data. I havent got a clue about sqlite, have a book but cant find the answer My problem is this. I can access data by putting characters to search for into the program but i want it to be a variable string that i can search for. Specificaly a couple of letters i input from keypad. At the moment this works to search for everything beginning with A sql = SELECT * FROM plants WHERE genus LIKE 'A%'; cursor.execute(sql); slt =cursor.fetchone(); What i really need is to search for everything beginning with two letters from an input command. As in A is a variable that could be Bl or An or someother two letter combination Hope you can help. Roger___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] sqlite search syntax
Roger Shaw wrote: Hello, I am very new to python. Wrote a small program to use on my android phone using pickle/shelve to access data. That worked fine but i realised it would be better to use sqlite as a database to more easily modify the data. I havent got a clue about sqlite, have a book but cant find the answer My problem is this. I can access data by putting characters to search for into the program but i want it to be a variable string that i can search for. Specificaly a couple of letters i input from keypad. At the moment this works to search for everything beginning with A sql = SELECT * FROM plants WHERE genus LIKE 'A%'; cursor.execute(sql); You should avoid the above style query if you ever get data from an untrusted source (user/internet) as bad things (obligatory xkcd: http://xkcd.com/327/ ) can happen. Instead, use parameterized queries which will handle escaping the input. sql = SELECT * FROM plants where genus LIKE ? cursor.execute(sql, (genus + '%')) # Add wildcard to parameter, not the base # query. Using this notation, genus can hold one character or any amount. slt =cursor.fetchone(); What i really need is to search for everything beginning with two letters from an input command. As in A is a variable that could be Bl or An or someother two letter combination ~Ramit This email is confidential and subject to important disclaimers and conditions including on offers for the purchase or sale of securities, accuracy and completeness of information, viruses, confidentiality, legal privilege, and legal entity disclaimers, available at http://www.jpmorgan.com/pages/disclosures/email. ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
