I want to insert beacon scan result in to a database using python and mysql
Michael Torrie
torriem at gmail.com
Thu Nov 10 10:36:30 EST 2016
More information about the Python-list mailing list
Thu Nov 10 10:36:30 EST 2016
- Previous message (by thread): I want to insert beacon scan result in to a database using python and mysql
- Next message (by thread): I want to insert beacon scan result in to a database using python and mysql
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 11/10/2016 06:15 AM, Dennis Lee Bieber wrote: > On Wed, 9 Nov 2016 21:05:50 -0800 (PST), sudeeratechneed at gmail.com > declaimed the following: > >> >> sql = "insert into beacon VALUES(null, '%s')" % \ >> (beacon) >> > DON'T DO THAT... Wouldn't hurt to include a brief why on this, and the right way to do this. The why is, of course, that this operation is vulnerable to SQL injection. This should be avoided as a matter of practice, even if you're not taking input from anyone but yourself. The correct way to do this is to use a prepared statement. And of course the relevant xkcd is: https://xkcd.com/327/
- Previous message (by thread): I want to insert beacon scan result in to a database using python and mysql
- Next message (by thread): I want to insert beacon scan result in to a database using python and mysql
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-list mailing list