What can be added to prevent SQL injection
Posted by:
Naveen M
Date: May 14, 2016 02:10AM
What can be added to prevent SQL injection
# query to check password and get permissions
query = "select permissions from users where name=? and pwd=?".format(name, pwd)
# setup ssh tunnel
with SSHTunnelForwarder(
('xxxx', 22),
ssh_password='xxxx',
ssh_username='p11179711',
remote_bind_address=('localhost', 3306)) as server:
# connect to database via ssh-tunnel and run query
cnx = mysql.connector.connect(user='xxxx', password='xxxx',
host='xxxx', port=server.local_bind_port,
database='xxxx')
cursor = cnx.cursor()
cursor.execute(query)
permissions = cursor.fetchall()
Subject
Written By
Posted
What can be added to prevent SQL injection
May 14, 2016 02:10AM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.