MySQL Forums
Forum List  »  Connector/Python

What can be added to prevent SQL injection
Posted by: Naveen M
Date: May 14, 2016 02:10AM

What can be added to prevent SQL injection

# query to check password and get permissions
query = "select permissions from users where name=? and pwd=?".format(name, pwd)

# setup ssh tunnel
with SSHTunnelForwarder(
('xxxx', 22),
remote_bind_address=('localhost', 3306)) as server:

# connect to database via ssh-tunnel and run query
cnx = mysql.connector.connect(user='xxxx', password='xxxx',
host='xxxx', port=server.local_bind_port,
cursor = cnx.cursor()
permissions = cursor.fetchall()

Options: ReplyQuote

Written By
What can be added to prevent SQL injection
May 14, 2016 02:10AM

Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.