How to use variables in SQL statement in Python?

I have the following Python code:

cursor.execute("INSERT INTO table VALUES var1, var2, var3,")

where var1 is an integer, var2 and var3 are strings.

How can I write the variable names without Python including them as part of the query text?

Solution

cursor.execute("INSERT INTO table VALUES (%s, %s, %s)", (var1, var2, var3))

Note that the parameters are passed as a tuple, (a, b, c). If you're passing a single parameter, the tuple needs to end with a comma, (a,).

The database API does proper escaping and quoting of variables. Be careful not to use the string formatting operator (%), because

It does not do any escaping or quoting.
It is prone to uncontrolled string format attacks e.g. SQL injection.

In Python, I want a list (or something) to pop its last member when I return from a function
Pytorch RuntimeError: The size of tensor a (4) must match the size of tensor b (3) at non-singleton dimension 0
HuggingFace: ValueError: expected sequence of length 165 at dim 1 (got 128)
argparse option to create a mapping
Python - Get relative path of all files and subfolders in a directory
Trouble with TensorFlow in Jupyter Notebook
Import a python module without the .py extension
Tensorflow - ValueError: Failed to convert a NumPy array to a Tensor (Unsupported object type float)
Compare Columns in DF & drop rows if Dates are matching between Columns
How to plot cdf in matplotlib in Python?
How to make bot status say member count for all the servers that its in (discord.py)
rebinning hist object from linear bins to log(x) bins in scikit-hep hist
Change TLS version used by Python
Match case statement with multiple 'or' conditions in each case
Compute the number of unique combinations while excluding those containing missing values
tcpdump does not capture all packets at high packet frequency
pyzmq REQ/REP with asyncio await for variable
How to sample from a distribution given the CDF in Python
Creating and saving CMS / PKCS#7 objects in Python
What is the fastest method to count elements of a tensorflow.data.Datset?
Functioning of rate limiter for API requests
Process finished with exit code 139 (interrupted by signal 11: SIGSEGV)
how to make sub-shell env variable available in the main shell python console?
Linux - Terminating AutoKey script using keybindings
How to calculate number of days between two given dates
List compiled metrics in a keras model?
How to get current index of element in polars list
How to "unmelt" a dataframe
How do I display the language name instead of language code in Django?
LEFT JOIN Django ORM