[sqlalchemy] Newbie anti hacker question.

Mon, 18 May 2009 07:18:00 -0700 

I just started using SQL and SQLAlchemy 2 days ago. I don't know SQL
or Alchemy very well yet but this is all the code I will ever need (at
least for a while).

This is my python code for the server. Have I done this well? What
more could I do? What more can I do to make it hacker/cracker proof?
It is code from 2 def. The line that bugs me the most is the for loop,
there MUST be a better way for that! Thanks all!

init::  self.engine = create_engine('mysql://root:JianJing2007!!
@localhost:3306/zencart')

        self.dbConnection = self.engine.connect()


packprossor::

elif packetType == LOGIN :

            print 'Login', packet

            # Check database for email and password

            # send back position, nick, char info etc.

            if packet[EMAIL] == '' or packet[PASSWORD]=='' :

                packet = {}

                packet[PACKETTYPE] = LOGIN

                packet[SENDER] = SERVER

                packet[LOGINSTATUS] = REJECTED

            else :

                s = text("""select * from customers where
customers_email_address=:t1""")

                result = self.dbConnection.execute(s, t1= packet
[EMAIL]) # 'select * from customers where customers_email_address="' +
str(+'"'))

                #print "151 result", row in result

                #>result = self.dbConnection.execute('select * from
customers where customers_email_address="' + str(packet[EMAIL]+'"'))

                for dbResult in result : pass

                print dbResult

                if self.users.valadate(packet[PASSWORD], dbResult
['customers_password']) :

                    packet = {}

                    packet[PACKETTYPE] = LOGIN

                    packet[SENDER] = SERVER

                    packet[LOGINSTATUS] = ACCEPTED

                else :

                    packet = {}

                    packet[PACKETTYPE] = LOGIN

                    packet[SENDER] = SERVER

                    packet[LOGINSTATUS] = REJECTED

                print "Login out packet", packet

            self.server.sendData(packet, con)

        else : print "server packet error line 167, packet, con ",
packet, con

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"sqlalchemy" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.com/group/sqlalchemy?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to