擅长:python、mysql、java
<p>不要像这样构建SQL。使用数据库引擎的正确形式。在</p>
<p>在<a href="http://docs.python.org/library/sqlite3.html?highlight=sqlite#sqlite3.Cursor.execute" rel="noreferrer">SQLite</a>中,它是这样工作的:</p>
<pre><code>cur.execute("""INSERT INTO PM_NEW_COUNTERS
(COUNTER_NAME, CSV_FILE_NAME, TAR_FILE_NAME)
VALUES (?, ?, ?)""", (a, b, c))
</code></pre>
<p>有关详细信息,请参阅<a href="http://www.python.org/dev/peps/pep-0249/" rel="noreferrer">Python Database API Specification v2.0</a>。在</p>