Python SQLite: Update Statement TypeError: function takes exactly 2 arguments (1 given)

Question

For some reason I keep getting a

findSenGroup = cur.executemany("UPDATE SEN_Table SET SenNumber = " + senNumStr + " WHERE FormName='" + nameGroup + "'")

TypeError: function takes exactly 2 arguments (1 given) error

with this update statement:

findSenGroup = cur.executemany("UPDATE SEN_Table SET SenNumber = " + senNumStr + " WHERE FormGroup='" + nameGroup + "'")

Table shown below

senNumStr is a the number that i want to update a column to.

nameGroup is the name of the row of where I want senNumStr added tp

`````

[Don't build SQL using strings and `+`.](https://xkcd.com/327/) Put `?` as a placeholder wherever you want to use a value. See the [`executemany` documentation](https://docs.python.org/3/library/sqlite3.html#sqlite3.Cursor.executemany). — , Apr 27 '18 at 09:28

score 4 · Accepted Answer · answered Apr 27 '18 at 09:26

4

I'm not sure you need to use executemany here when you're only executing a single statement. You could use simply:

cur.execute("UPDATE SEN_Table SET SenNumber = " + senNumStr + " WHERE FormName='" + nameGroup + "'")

It would be better to use a parameterised query rather than a formatted string though, to avoid SQL injection vulnerabilities:

cur.execute("UPDATE SEN_Table SET SenNumber = ? WHERE FormName = ?", (senNumStr, nameGroup))

answered Apr 27 '18 at 09:26

sjw

1

thanks it worked. can't believe i missed that.Thanks for the SQL injection vulnerabilities tip. – Adam Azam Apr 27 '18 at 09:35

1 Answers1