Jul-02-2021, 05:55 AM
You really shouldn't be concatenating strings to put data in SQL statements (line 23) - SQL injection is the problem with that. Whichever database you're using will have placeholder characters that you put in the string and
execute
takes an additional argument that lets you pass the values you want. See the docs for the library for details on how to do this correctly.