[Tutor] : Question on open and read html files and psycopg

David Holland davholla2002 at yahoo.co.uk
Sat Sep 18 10:53:54 CEST 2004


------------------------------------------------------------- Just instead of asking
for a complete SQL query (which would be a bad idea)
Just ask for keywords and build up a string from there.

7, Issue 44
************************************


Asking for a complete sql query would be a very bad idea.  You would open yourself to the risk of sql injection make sure that users can not enter sql via a form.  I am not that good at python but I know about this.


		
---------------------------------
 ALL-NEW Yahoo! Messenger - all new features - even more fun!  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/tutor/attachments/20040918/ae57ad80/attachment.html


More information about the Tutor mailing list