Using SQLite 3 with Flask

    Here is a simple example of how you can use SQLite 3 with Flask:

    Now, to use the database, the application must either have an active application context (which is always true if there is a request in flight) or create an application context itself. At that point the function can be used to get the current database connection. Whenever the context is destroyed the database connection will be terminated.

    Note: if you use Flask 0.9 or older you need to use flask._app_ctx_stack.top instead of g as the flask.g object was bound to the request and not application context.

    Example:

    1. @app.route('/')
    2. def index():
    3.     cur = get_db().cursor()
    4.     ...

    Note

    The upside of this approach (connecting on first use) is that this will only open the connection if truly necessary. If you want to use this code outside a request context you can use it in a Python shell by opening the application context by hand:

    1. with app.app_context():
    2.     # now you can use get_db()

    Now in each request handling function you can access get_db() to get the current open database connection. To simplify working with SQLite, a row factory function is useful. It is executed for every result returned from the database to convert the result. For instance, in order to get dictionaries instead of tuples, this could be inserted into the get_db function we created above:

    This will make the sqlite3 module return dicts for this database connection, which are much nicer to deal with. Even more simply, we could place this in get_db instead:

    1. db.row_factory = sqlite3.Row

    This would use Row objects rather than dicts to return the results of queries. These are namedtuple s, so we can access them either by index or by key. For example, assuming we have a called r for the rows id, FirstName, LastName, and MiddleInitial:

    1. >>> r['FirstName']
    2. John
    3. >>> # Or, you can get them based on index
    4. >>> r[1]
    5. John
    6. # Row objects are also iterable:
    7. >>> for value in r:
    9. 1
    10. John
    11. M

    Additionally, it is a good idea to provide a query function that combines getting the cursor, executing and fetching the results:

    Here is how you can use it:

    1. for user in query_db('select * from users'):
    2.     print user['username'], 'has the id', user['user_id']

    Or if you just want a single result:

    1. user = query_db('select * from users where username = ?',
    2.                 [the_username], one=True)
    3. if user is None:
    4.     print 'No such user'
    5. else:
    6.     print the_username, 'has the id', user['user_id']

    To pass variable parts to the SQL statement, use a question mark in the statement and pass in the arguments as a list. Never directly add them to the SQL statement with string formatting because this makes it possible to attack the application using .

    Relational databases need schemas, so applications often ship a schema.sql file that creates the database. It’s a good idea to provide a function that creates the database based on that schema. This function can do that for you:

    You can then create such a database from the Python shell:

    1. >>> from yourapplication import init_db