# Fetch all results results = cursor.fetchall()
.exit Now, let's connect to the database using Python's sqlite3 module: sqlite3 tutorial query python fixed
import sqlite3
# Print the results for row in results: print(row) This will print: # Fetch all results results = cursor
# Execute a query with parameters name = 'John Doe' cursor.execute('SELECT * FROM users WHERE name = ?', (name,)) 'jane@example.com') To avoid SQL injection attacks
(1, 'John Doe', 'john@example.com') (2, 'Jane Doe', 'jane@example.com') To avoid SQL injection attacks, use parameterized queries. Instead of concatenating user input into your SQL query, pass it as a parameter:
# Connect to the database conn = sqlite3.connect('example.db') cursor = conn.cursor() To execute a query, use the execute() method: