[英]Python: sqlite3.OperationalError: near “<”: syntax error (updating sqlite3 field with html source code)
I would like to change all the occurence of sometext
(matching all case combination like sometext
, SOMETEXT
, SOmeTExt
) in the note
field of the table itemNotes
of a sqlite. 我想在sqlite的表
itemNotes
的note
字段中更改sometext
所有sometext
(匹配诸如sometext
, SOMETEXT
, SOmeTExt
所有大小写组合)。
Because sqlite doesn't support case insensitive update (I already ask 2 question here and here ), I am using python
and regex
. 因为sqlite不支持不区分大小写的更新(我已经在这里和这里问了2个问题),所以我正在使用
python
和regex
。
But I get this error : sqlite3.OperationalError: near "<": syntax error
matching line of cursor.execute(f'REPLACE
但我收到此错误:
sqlite3.OperationalError: near "<": syntax error
与cursor.execute(f'REPLACE
I dont' have a <
in my code so I think it's coming from the note
field which contains html source code. 我的代码中没有
<
,因此我认为它来自包含html源代码的note
字段。
Here is my code: 这是我的代码:
keyword ="sometext"
replacement_word="abc"
# load sqlite3
db = sqlite3.connect(path_to_sqlite)
cursor = db.cursor()
# search for all therm
cursor.execute(f'SELECT * FROM itemNotes WHERE note like "%{keyword}%"')
print("\nfetch one:")
# itemID_list = cursor.fetchone()
# pour chacun des result, change
for row in cursor.fetchall():
# print(each)
row_regex = re.compile(re.escape(keyword), re.IGNORECASE)
row_regex_replaced = row_regex.sub(replacement_word, row[2])
rowindex = row[0]
cursor.execute(
f'REPLACE INTO itemNotes (note) VALUES ({row_regex_replaced}) where itemID = {rowindex}')
After looking up "sql injection", this is what I came up with : 查找“ sql注入”后,这是我想出的:
sql = "REPLACE INTO itemNotes (note) VALUES (?) where itemID = (?)"
data = (row_regex_replaced, rowindex,)
cursor.execute(sql, data)
But now I am getting this error : sqlite3.OperationalError: near "where": syntax error
但是,现在我收到此错误:
sqlite3.OperationalError: near "where": syntax error
From the sqlite doc : 从sqlite文档 :
The REPLACE command is an alias for the "INSERT OR REPLACE" variant of the INSERT command.
REPLACE命令是INSERT命令的“ INSERT OR REPLACE”变体的别名。
An INSERT
doesn't have a WHERE
clause. INSERT
没有WHERE
子句。 The query needs to be written as a "regular" INSERT, and the system will "decide" whether to replace. 该查询需要写为“常规” INSERT,并且系统将“决定”是否替换。 Something like
INSERT into itemNotes (itemID,note) VALUES (?,?)
. 像
INSERT into itemNotes (itemID,note) VALUES (?,?)
。 (NB the order of the data
list in the above example would need to change). (注意,在上面的示例中,
data
列表的顺序将需要更改)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.