.exit Now, let's connect to the database using Python's sqlite3 module:
sqlite3 example.db This will open the sqlite3 shell, where you can execute SQL commands. Let's create a table called users : sqlite3 tutorial query python fixed
# Execute a query with parameters name = 'John Doe' cursor.execute('SELECT * FROM users WHERE name = ?', (name,)) 'jane@example.com') To avoid SQL injection attacks
import sqlite3
# Fetch all results results = cursor.fetchall() pass it as a parameter:
(1, 'John Doe', 'john@example.com') (2, 'Jane Doe', 'jane@example.com') To avoid SQL injection attacks, use parameterized queries. Instead of concatenating user input into your SQL query, pass it as a parameter: