5 SQLite

SQLite - это легкая дисковая база данных. Поскольку для него не требуется отдельный сервер базы данных, он часто используется для создания прототипов или для небольших приложений, которые часто используются одним пользователем или одним пользователем в данный момент времени.

 import sqlite3

conn = sqlite3.connect("users.db")
c = conn.cursor()

c.execute("CREATE TABLE user (name text, age integer)")

c.execute("INSERT INTO user VALUES ('User A', 42)")
c.execute("INSERT INTO user VALUES ('User B', 43)")


c.execute("SELECT * FROM user")



Приведенный выше код подключается к базе данных , хранящейся в файле с именем users.db , создавая файл первым , если он уже не существует. Вы можете взаимодействовать с базой данных с помощью операторов SQL.

Результат этого примера должен быть:

 [(u'User A', 42), (u'User B', 43)]


Синтаксис SQLite: углубленный анализ


1) Импортируйте модуль sqlite, используя

     >>> import sqlite3


2) Чтобы использовать модуль, вы должны сначала создать объект Connection, который представляет базу данных. Здесь данные будут храниться в файле example.db:

    >>> conn = sqlite3.connect('users.db')

Alternatively, you can also supply the special name `:memory:` to create a temporary database in RAM, as follows:

   >>> conn = sqlite3.connect(':memory:')


3) Если у вас есть Connection , вы можете создать Cursor объект и вызвать его execute() метод для выполнения команд SQL:


     c = conn.cursor()

     # Create table
     c.execute('''CREATE TABLE stocks
                 (date text, trans text, symbol text, qty real, price real)''')

     # Insert a row of data
     c.execute("INSERT INTO stocks VALUES ('2006-01-05','BUY','RHAT',100,35.14)")

     # Save (commit) the changes

     # We can also close the connection if we are done with it.
     # Just be sure any changes have been committed or they will be lost.


Важные атрибуты и функции Connection

1) isolation_level

 It is an attribute used to get or set the current isolation level. None for autocommit mode or one of `DEFERRED`, `IMMEDIATE` or `EXCLUSIVE`.


2) cursor

 The cursor object is used to execute SQL commands and queries.


3) commit()

 Commits the current transaction.


4) rollback()

 Rolls back any changes made since the previous call to `commit()`


5) close()

 Closes the database connection. It does not call `commit()` automatically. If `close()` is called without first calling `commit()` (assuming you are not in autocommit mode) then all changes made will be lost.


6) total_changes

 An attribute that logs the total number of rows modified, deleted or inserted since the database was opened.


7) execute , executemany и executescript

 These functions perform the same way as those of the cursor object. This is a shortcut since calling these functions through the connection object results in the creation of an intermediate cursor object and calls the corresponding method of the cursor object


8) row_factory

 You can change this attribute to a callable that accepts the cursor and the original row as a tuple and will return the real result row.

   def dict_factory(cursor, row):
       d = {}
       for i, col in enumerate(cursor.description):
           d[col[0]] = row[i]
       return d

   conn = sqlite3.connect(":memory:")
   conn.row_factory = dict_factory


Важные функции Cursor

1) execute(sql[, parameters])

Executes a _single_ SQL statement. The SQL statement may be parametrized (i. e. placeholders instead of SQL literals). 
The sqlite3 module supports two kinds of placeholders: question marks `?` (“qmark style”) and named placeholders `:name` (“named style”).

   import sqlite3
   conn = sqlite3.connect(":memory:")
   cur = conn.cursor()
   cur.execute("create table people (name, age)")

   who = "Sophia"
   age = 37
   # This is the qmark style:
   cur.execute("insert into people values (?, ?)",
               (who, age))

   # And this is the named style:
   cur.execute("select * from people where name=:who and age=:age",
               {"who": who, "age": age})  # the keys correspond to the placeholders in SQL


Осторожно: не используйте %s для вставки строки в команды SQL , как это может сделать вашу программу уязвимым для инъекции SQL атаки (см https://codecamp.ru/documentation/sql/3517/sql-injection ).

2) executemany(sql, seq_of_parameters)

Executes an SQL command against all parameter sequences or mappings found in the sequence sql. The sqlite3 module also allows using an iterator yielding parameters instead of a sequence.

   L = [(1, 'abcd', 'dfj', 300),    # A list of tuples to be inserted into the database
        (2, 'cfgd', 'dyfj', 400),
        (3, 'sdd', 'dfjh', 300.50)]                           

   conn = sqlite3.connect("test1.db")
   conn.execute("create table if not exists book (id int, name text, author text, price real)")
   conn.executemany("insert into book values (?, ?, ?, ?)", L)

   for row in conn.execute("select * from book"):

You can also pass iterator objects as a parameter to executemany, and the function will iterate over the each tuple of values that the iterator returns. The iterator must return a tuple of values.

   import sqlite3

   class IterChars:
       def __init__(self):
           self.count = ord('a')

       def __iter__(self):
           return self

       def __next__(self):            # (use next(self) for Python 2)
           if self.count > ord('z'):
               raise StopIteration
           self.count += 1
           return (chr(self.count - 1),) 

   conn = sqlite3.connect("abc.db")
   cur = conn.cursor()
   cur.execute("create table characters(c)")

   theIter = IterChars()
   cur.executemany("insert into characters(c) values (?)", theIter)

   rows = cur.execute("select c from characters")
   for row in rows:


3) executescript(sql_script)

This is a nonstandard convenience method for executing multiple SQL statements at once. It issues a `COMMIT` statement first, then executes the SQL script it gets as a parameter.

`sql_script` can be an instance of `str` or `bytes`.

   import sqlite3
   conn = sqlite3.connect(":memory:")
   cur = conn.cursor()
        create table person(

        create table book(

        insert into book(title, author, published)
        values (
            'Dirk Gently''s Holistic Detective Agency',
            'Douglas Adams',

The next set of functions are used in conjunction with `SELECT` statements in SQL. To retrieve data after executing a `SELECT` statement, you can either treat the cursor as an iterator, call the cursor’s `fetchone()` method to retrieve a single matching row, or call `fetchall()` to get a list of the matching rows.

Example of the iterator form:

   import sqlite3
   stocks = [('2006-01-05', 'BUY', 'RHAT', 100, 35.14),
             ('2006-03-28', 'BUY', 'IBM', 1000, 45.0),
             ('2006-04-06', 'SELL', 'IBM', 500, 53.0),
             ('2006-04-05', 'BUY', 'MSFT', 1000, 72.0)]
   conn = sqlite3.connect(":memory:")
   conn.execute("create table stocks (date text, buysell text, symb text, amount int, price real)")
   conn.executemany("insert into stocks values (?, ?, ?, ?, ?)", stocks)    
   cur = conn.cursor()

   for row in cur.execute('SELECT * FROM stocks ORDER BY price'):

   # Output:
   # ('2006-01-05', 'BUY', 'RHAT', 100, 35.14)
   # ('2006-03-28', 'BUY', 'IBM', 1000, 45.0)
   # ('2006-04-06', 'SELL', 'IBM', 500, 53.0)
   # ('2006-04-05', 'BUY', 'MSFT', 1000, 72.0)


4) fetchone()

 Fetches the next row of a query result set, returning a single sequence, or None when no more data is available. 

   cur.execute('SELECT * FROM stocks ORDER BY price')
   i = cur.fetchone()
       i = cur.fetchone()

   # Output:
   # ('2006-01-05', 'BUY', 'RHAT', 100, 35.14)
   # ('2006-03-28', 'BUY', 'IBM', 1000, 45.0)
   # ('2006-04-06', 'SELL', 'IBM', 500, 53.0)
   # ('2006-04-05', 'BUY', 'MSFT', 1000, 72.0)


5) fetchmany(size=cursor.arraysize)

   Fetches the next set of rows of a query result (specified by size), returning a list. If size is omitted, fetchmany returns a single row. An empty list is returned when no more rows are available.

     cur.execute('SELECT * FROM stocks ORDER BY price')

     # Output:    
     # [('2006-01-05', 'BUY', 'RHAT', 100, 35.14), ('2006-03-28', 'BUY', 'IBM', 1000, 45.0)]


6) fetchall()

 Fetches all (remaining) rows of a query result, returning a list.

   cur.execute('SELECT * FROM stocks ORDER BY price')

   # Output:
   # [('2006-01-05', 'BUY', 'RHAT', 100, 35.14), ('2006-03-28', 'BUY', 'IBM', 1000, 45.0), ('2006-04-06', 'SELL', 'IBM', 500, 53.0), ('2006-04-05', 'BUY', 'MSFT', 1000, 72.0)]


Типы данных SQLite и Python

SQLite изначально поддерживает следующие типы: NULL, INTEGER, REAL, TEXT, BLOB.

Так конвертируются типы данных при переходе с SQL на Python или наоборот.

                 None     <->     NULL
                int      <->     INTEGER/INT
                float    <->     REAL/FLOAT
                str      <->     TEXT/VARCHAR(n)
                bytes    <->     BLOB