来自文档:

con.execute("insert into person(firstname) values (?)", ("Joe",))

这转义了"Joe"，所以你想要的是

This escapes "Joe", so what you want is

con.execute("insert into person(firstname) values (?)", (firstname_from_client,))