1

I'm using python 2.7.3 and Sqlite3 to save some data in a small db. I have the following sql command:

thedb = "allpeople"
cursor.execute("INSERT INTO %s VALUES (?,?,?,?,?,?,?,?,?,?,?,?)" % (thedb, data))
conn.commit()

But its throwing the following error:

TypeError: not all arguments converted during string formatting
Improve this question
1
  • At the very least, you should put a %r instead of %s, or you're gonna have problems if the table name contains special characters. Commented Jul 15, 2013 at 15:20

1 Answer 1

Reset to default
1

You are trying to insert the table name (not the database). You appear to be mixing that up with SQL parameters; string templating and providing SQL parameters for your query are two entirely separate operations.

You'd have to use string formatting separately to build the query string:

cursor.execute("INSERT INTO %s VALUES (?,?,?,?,?,?,?,?,?,?,?,?)" % thedb, data)

or perhaps a little clearer to illustrate what is going on:

query = "INSERT INTO %s VALUES (?,?,?,?,?,?,?,?,?,?,?,?)" % thedb
cursor.execute(query, data)

Note that this opens you up to a possible SQL injection vector. Perhaps you should look into a decent SQL library instead; SQLAlchemy lets you build SQL queries from Python calls (among other tasks).

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.