这可能是一个逃避的问题.如果将这些值作为参数列表传递给execute()，而不是手动构建字符串，那会更安全.这样可以确保它们正确地逃脱了.

This is possibly an escaping issue. It would be safer if you passed the values as a list of parameters to execute() rather than manually building a string. This will ensure that they are correctly escaped.

insert = 'INSERT INTO {} ('.format(table) + ', '.join(headers) + ') VALUES ({})' \
    .format(', '.join(len(headers) * '?'))  # Add parameter placeholders as ?

for row in csvFile:
    values = map((lambda x: x.strip()), row)  # No need for the quotes
    cursor.execute(insert, values)  # Pass the list of values as 2nd argument
    conn.commit()