
Python Sqlite UPDATE multiple values


Your solution opens you up to SQL injections. If you read the first section of the documentation, it specifically says not to do it the way you are proposing:

    # Never do this -- insecure!
    symbol = 'RHAT'
    c.execute("SELECT * FROM stocks WHERE symbol = '%s'" % symbol)

    # Do this instead
    t = ('RHAT',)
    c.execute('SELECT * FROM stocks WHERE symbol=?', t)

So you should change your code to something along the following lines:

    import sqlite3

    conn = sqlite3.connect('connex.db')
    cur = conn.cursor()
    limobileval = '0400-123-456'
    liemailval = 'foo@bar.com'
    constrain = 4
    # Column names are written into the statement; only values are bound with ?
    q = "UPDATE licontacts310317 SET liemail = ?, limobile = ? WHERE id = ?"
    cur.execute(q, (liemailval, limobileval, constrain))
    conn.commit()
    conn.close()

I haven't tested it, but hopefully you get the idea =)


The following works: It's just standard SQL at this point.

    cur.execute("""UPDATE table_name1
                   SET email = 'foo@bar.com', phone = '0400-123-456'
                   WHERE id = 4""")


OK. I made a solution that works with parameters.

First, thanks to David for his original answer. It had a small syntax error (corrected in the comments for that answer) but it was enough to help me work out how to get it working without parameterising.

(Note: I think David posted his reply before I edited the question to add the need to work with parameters.)

Then this answer helped me parameterise the solution.

Here is my solution to the question. I'm posting it in case someone else has the same problem because I did quite a bit of searching before posting the original question and couldn't find the answer.

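    import sqlite3

    conn = sqlite3.connect('connex.db')
    cur = conn.cursor()
    limobileval = '0400-123-456'
    liemailval = 'foo@bar.com'
    id_col = 'id'  # column name: cannot be bound with ?, so it must be a fixed, trusted string
    constrain = 4
    # Values are bound with ? placeholders; only the column name is formatted in.
    cur.execute("UPDATE licontacts310317 SET liemail=?, limobile=? WHERE %s=?" % id_col,
                (liemailval, limobileval, constrain))
    conn.commit()
    conn.close()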
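
The point the answers converge on, as an added example that is not part of any of the posts above: values are always bound with `?`, and because a column name cannot be bound, a dynamic one is checked against a fixed allowlist before it is formatted into the statement. The table and column names come from the posts; `update_contact`, `ALLOWED_COLUMNS`, `HOSTILE_VALUE` and the in-memory sample rows are assumptions made for the illustration.

```python
import sqlite3

# Hypothetical allowlist: identifiers cannot be bound with ?, so any
# caller-supplied column name must match one of these fixed strings.
ALLOWED_COLUMNS = {"id", "liemail", "limobile"}

# Constructed sample value containing SQL syntax.
HOSTILE_VALUE = "foo@bar.com' OR '1'='1"


def update_contact(conn, key_column, key_value, **changes):
    """Update several columns of the rows where key_column = key_value."""
    if not changes:
        raise ValueError("nothing to update")
    for name in (key_column, *changes):
        if name not in ALLOWED_COLUMNS:
            raise ValueError(f"column not allowed: {name!r}")
    # Only allowlisted identifiers reach the SQL text; every value is bound.
    assignments = ", ".join(f"{col} = ?" for col in changes)
    sql = f"UPDATE licontacts310317 SET {assignments} WHERE {key_column} = ?"
    cur = conn.execute(sql, (*changes.values(), key_value))
    conn.commit()
    return cur.rowcount


def demo():
    conn = sqlite3.connect(":memory:")  # constructed sample data, runs offline
    conn.execute("CREATE TABLE licontacts310317 "
                 "(id INTEGER PRIMARY KEY, liemail TEXT, limobile TEXT)")
    conn.executemany("INSERT INTO licontacts310317 VALUES (?, ?, ?)",
                     [(4, "old@bar.com", "0000"), (5, "other@bar.com", "1111")])
    # The bound value is stored as literal text and only row 4 changes.
    changed = update_contact(conn, "id", 4,
                             liemail=HOSTILE_VALUE, limobile="0400-123-456")
    rows = conn.execute("SELECT id, liemail, limobile "
                        "FROM licontacts310317 ORDER BY id").fetchall()
    # A key column outside the allowlist is rejected before any SQL runs.
    try:
        update_contact(conn, "id OR 1=1", 4, liemail="foo@bar.com")
        rejected = False
    except ValueError:
        rejected = True
    conn.close()
    return changed, rows, rejected


if __name__ == "__main__":
    print(demo())
```
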