Is This Open To SQL Injection?
alex23
wuwei23 at gmail.com
Thu Jul 8 01:31:43 EDT 2010
Stephen Hansen <me+list/pyt... at ixokai.io> wrote:
> You're doing string formatting
> to construct your SQL, which is where the trouble comes from.
You're wasting your breath, this topic has been discussed ad nauseum
with Victor for well over a year now. He appears to be teaching
himself relational db based web-development within a paid project and
the pressure to produce seems to be greatly overwhelming his need to
learn.
(Yes, I am aware that I'm a bad evil man because I don't believe that
blindly restating the same answer for someone over and over and over
is really helping them)
More information about the Python-list
mailing list