That Slashdot comment makes so much more sense now. Chris Henk Allison Transmission phone: 317.242.2569 cell: 765.337.8769 fax: 317.242.3469 e-mail: [EMAIL PROTECTED]
Kent Johnson <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 10/10/2007 08:52 AM To Python Tutorlist <tutor@python.org> cc Subject Re: [Tutor] Updating MySQL Database Kent Johnson wrote: > It > also looks like you are embedding the data in the SQL command, this is > very bad practice, it opens you to SQL injection attacks For a humorous explanation of why you don't want to directly embed data into SQL commands, see today's xkcd: http://xkcd.com/327/ Kent _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
_______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
