2019-02-14
How to prevent SQL injection when executing raw SQL
Problem description:
How to prevent SQL injection when executing raw SQL with mysqldb, sqlalchemy and flask-sqlalchemy
Solution:
mysqldb
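# db is an open MySQLdb connection
c = db.cursor()
max_price = 5
# The value is passed as a parameter; never build the statement with % or +
c.execute("""SELECT spam, eggs, sausage FROM breakfast
          WHERE price < %s""", [max_price])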
sqlalchemy
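from sqlalchemy.sql import text
# conn is an open Connection, e.g. from engine.connect()
t = text("select * from test where id = :tid")
# Bound values go in a dictionary (keyword arguments were removed in SQLAlchemy 2.0)
conn.execute(t, {"tid": 1}).fetchall()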
flask-sqlalchemy
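from flask import Flask, jsonify
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy import text
app = Flask(__name__)
db = SQLAlchemy(app)  # app.config['SQLALCHEMY_DATABASE_URI'] must already be set

@app.route('/')
def index():
    conn = db.session.connection()  # obtained per request, inside the app context
    rv = conn.execute(text('select * from test where id = :tid'), {'tid': 1})
    # A result object is not JSON-serializable; convert the rows to dicts first
    return jsonify([dict(zip(rv.keys(), row)) for row in rv])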
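
The difference between formatting a value into the statement and binding it, as an added example that is not part of the original post. It uses the standard-library sqlite3 driver and an in-memory copy of the test table with constructed rows so it runs without a MySQL server; sqlite3 accepts the same :name placeholder as text(), while MySQLdb uses %s. The function names and the SORTABLE allowlist are assumptions made for the example.

```python
import sqlite3

# Identifiers (column names, ORDER BY targets) cannot be bound as parameters,
# so they are checked against a fixed allowlist instead.
SORTABLE = {"id", "name"}


def make_db():
    """In-memory stand-in for the page's `test` table; rows are constructed."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE test (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO test VALUES (?, ?)",
                   [(1, "carol"), (2, "alice"), (3, "bob")])
    return db


def find_formatted(db, tid):
    # Anti-pattern: tid becomes part of the SQL text and is parsed as SQL.
    return db.execute("select * from test where id = %s" % tid).fetchall()


def find_bound(db, tid):
    # tid is sent separately from the statement and is only ever a value.
    return db.execute("select * from test where id = :tid",
                      {"tid": tid}).fetchall()


def list_sorted(db, order_by):
    # A placeholder cannot stand for a column name, so validate before use.
    if order_by not in SORTABLE:
        raise ValueError("unsupported sort column: %r" % (order_by,))
    return db.execute("select * from test order by " + order_by).fetchall()


if __name__ == "__main__":
    db = make_db()
    untrusted = "1 OR 1=1"  # constructed input that is not a plain id
    print(find_formatted(db, untrusted))  # every row comes back
    print(find_bound(db, untrusted))      # no row has that id
    print(find_bound(db, 1))
    print(list_sorted(db, "name"))
```

Binding protects values only; anything that must appear as SQL syntax, such as the sort column here, needs its own validation.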





