Block 122: CRUD Operations with SQLite
Implement full Create-Read-Update-Delete operations.
Concepts
- Parameterized queries: ? placeholder
- UPDATE and DELETE with WHERE
- fetchone(), fetchall(), fetchmany()
- Avoiding SQL injection with parameterization
Code Examples
See exercise below.
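An added example, not part of the original course material, showing the concepts above with Python's sqlite3 module: the ? placeholder next to a string-formatted query, fetchone() and fetchmany(), and UPDATE/DELETE with WHERE. The books table, its rows and all function names are hypothetical and chosen so the exercise below is still left to do.

```python
import sqlite3

def open_db():
    """In-memory database seeded with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE books (id INTEGER PRIMARY KEY, title TEXT, price REAL)")
    conn.executemany("INSERT INTO books (title, price) VALUES (?, ?)",
                     [("Dune", 9.5), ("Emma", 7.0), ("Ulysses", 12.0)])
    conn.commit()
    return conn

def find_unsafe(conn, title):
    # Anti-pattern: the input is pasted into the SQL text, so a quote
    # character in it changes the structure of the statement.
    sql = f"SELECT id, title FROM books WHERE title = '{title}'"
    return conn.execute(sql).fetchall()

def find_safe(conn, title):
    # The ? placeholder passes the value separately from the SQL text,
    # so it is always compared as a literal string.
    return conn.execute("SELECT id, title FROM books WHERE title = ?",
                        (title,)).fetchall()

def get_book(conn, book_id):
    # fetchone() returns one row tuple, or None when nothing matches.
    return conn.execute("SELECT id, title, price FROM books WHERE id = ?",
                        (book_id,)).fetchone()

def cheapest(conn, n):
    # fetchmany(n) returns at most n rows from the result set.
    return conn.execute("SELECT title FROM books ORDER BY price").fetchmany(n)

def set_price(conn, book_id, price):
    # Without WHERE, UPDATE would rewrite every row. rowcount reports
    # how many rows changed (0 means the id did not exist).
    cur = conn.execute("UPDATE books SET price = ? WHERE id = ?", (price, book_id))
    conn.commit()
    return cur.rowcount

def remove_book(conn, book_id):
    cur = conn.execute("DELETE FROM books WHERE id = ?", (book_id,))
    conn.commit()
    return cur.rowcount

if __name__ == "__main__":
    db = open_db()
    hostile = "x' OR '1'='1"  # constructed input containing a quote
    print(len(find_unsafe(db, hostile)), len(find_safe(db, hostile)))
    print(get_book(db, 2), cheapest(db, 2), set_price(db, 99, 1.0), remove_book(db, 1))
```

With the same input, the string-formatted query matches every row while the parameterized one matches none, because no book has that literal title.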
Exercise
Write functions: insert_student(), get_student(id), update_grade(id, grade), delete_student(id). Test all 4 functions.
Homework
Why is building SQL queries with string formatting dangerous (SQL injection)? Show an example attack. Tuesday