Search
 
SCRIPT & CODE EXAMPLE
 
CODE EXAMPLE FOR PYTHON

django raw without sql injection

# You MUST pass the parameters list to avoid SQL Injection
# https://docs.djangoproject.com/en/3.2/topics/db/sql/#passing-parameters-into-raw

>>> lname = 'Doe'
>>> Person.objects.raw('SELECT * FROM myapp_person WHERE last_name = %s', [lname])
Source by docs.djangoproject.com #
 
PREVIOUS NEXT
Tagged: #django #raw #sql #injection
ADD COMMENT
Topic
Name
2+4 =