[Tutor] String representation of NULL (non type) values

Walter Prins wprins at gmail.com
Tue Nov 5 20:40:12 CET 2013


Hi,


On 5 November 2013 19:02, Danny Yoo <dyoo at hashcollision.org> wrote:

> Be extra careful if you're constructing SQL statements from user input.
>>  You have probably heard of the term "SQL Injection" or "Bobby Tables",
>> both of which are pretty much the same thing: your user may, intentionally
>> or not, input values that can be interpreted as SQL commands rather than as
>> literal data.
>
>
For those not familiar:
http://xkcd.com/327/

:)

Walter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/tutor/attachments/20131105/12e2d51e/attachment.html>


More information about the Tutor mailing list