Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
LirikDEV2022-03-12 13:46:13
Python
LirikDEV, 2022-03-12 13:46:13

How to fix SQLite3, Discord Bot error?

The bot must add the emoji to the database, on command, but it gives an error.

import discord
from discord.ext import commands

import sqlite3
from config import settings

import random

client = commands.Bot(command_prefix = settings['PREFIX'], intents =  discord.Intents.all())
client.remove_command('help')

connection = sqlite3.connect('server.db')
cursor = connection.cursor()

@client.event
async def on_ready():
    cursor.execute("""CREATE TABLE IF NOT EXISTS emo (
        emoji TEXT,
        id INT
    )""")
    connection.commit()
    print("Bot started.")
    await client.change_presence(status = discord.Status.dnd)

@client.command(aliases = ['addemoji'])
@commands.has_permissions(administrator = True)
async def __addshopа(ctx, emoji: str = None):
    if emoji is None:
        await ctx.send("Укажите эмодзи какой хотите добавить.")
    else:
        cursor.execute("INSERT INTO emo VALUES ({})".format(emoji))
        connection.commit()

        await ctx.reply(embed = discord.Embed(
            description = f'Эмодзи успешно добавлен.'
        ))

Mistake:
Bot started.
Ignoring exception in command __addshopа:
Traceback (most recent call last):
  File "C:\Users\User\AppData\Local\Programs\Python\Python38\lib\site-packages\discord\ext\commands\core.py", line 85, in wrapped
    ret = await coro(*args, **kwargs)
  File "C:\Users\User\Desktop\GTAMine\gtamine.py", line 280, in __addshopа
    cursor.execute("INSERT INTO emo VALUES ({})".format(emoji))
sqlite3.OperationalError: no such column: 

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "C:\Users\User\AppData\Local\Programs\Python\Python38\lib\site-packages\discord\ext\commands\bot.py", line 939, in invoke
    await ctx.command.invoke(ctx)
  File "C:\Users\User\AppData\Local\Programs\Python\Python38\lib\site-packages\discord\ext\commands\core.py", line 863, in invoke
    await injected(*ctx.args, **ctx.kwargs)
  File "C:\Users\User\AppData\Local\Programs\Python\Python38\lib\site-packages\discord\ext\commands\core.py", line 94, in wrapped
    raise CommandInvokeError(exc) from exc
discord.ext.commands.errors.CommandInvokeError: Command raised an exception: OperationalError: no such column:

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
shurshur, 2022-03-12
@LirikDEV

Look, let's say your emoji is equal to :duck:, then the following request will be executed: Did you have to : Do ​​you understand now? Okay, let's say you insert quotes into the query, then someone adds quotes to the emoji code and can make the script execute this query: After which the emo table will be deleted. You can’t just insert into the request what the user passes. You need to use placeholders:
INSERT INTO emo VALUES (:duck:)
INSERT INTO emo VALUES (':duck:')
INSERT INTO emo VALUES ('');DROP TABLE emo;--')

cursor.execute("INSERT INTO emo VALUES (?)", (emoji,))

In this case, the database itself will take care of using the values ​​correctly in queries, taking into account the syntax.

Similar questions
O
Oleg Sevoc2020-02-10 17:04:27
Installing Laravel 6 and vuetify? 1Reply
V
Vladimir_Pridannikov2017-10-02 01:37:16
How to use a library without import? 3Reply
G
Guzh2017-11-09 16:18:51
What, according to your experience, should a middle-level js programmer know? 3Reply
A
Alexey Ivanov2017-12-01 01:06:36
When reloading the site page on MODX REVO, the cart is cleared. What could be the problem? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question