Search
 
SCRIPT & CODE EXAMPLE
 

PYTHON

django raw without sql injection

# You MUST pass the parameters list to avoid SQL Injection
# https://docs.djangoproject.com/en/3.2/topics/db/sql/#passing-parameters-into-raw

>>> lname = 'Doe'
>>> Person.objects.raw('SELECT * FROM myapp_person WHERE last_name = %s', [lname])
Comment

PREVIOUS NEXT
Code Example
Python :: created by and updated by in django 
Python :: pandas read csv with lists 
Python :: variable globale python 
Python :: TypeError: method() takes 1 positional argument but 2 were given 
Python :: elbow plot for k means clustering 
Python :: python raise filenotfounderror 
Python :: python gui framework 
Python :: pandas print groupby 
Python :: python dictionary add item 
Python :: dictionary.com 
Python :: pyttsx3 saving the word to speak 
Python :: get index of first true value numpy 
Python :: django migrations 
Python :: pca in python 
Python :: How to delete a file or folder in Python? 
Python :: linux python 
Python :: python get all combinations of n numbers 
Python :: dictionary multiple values per key 
Python :: pandas join dataframe 
Python :: Join query flask-sqlalchemy 
Python :: negative slicing in python list 
Python :: get_permissions 
Python :: linkedlist python 
Python :: django create multiple objects 
Python :: pandas weighted average groupby 
Python :: how to become python developer 
Python :: what is a python module 
Python :: access list index python 
Python :: python map 
Python :: length of queue python 
ADD CONTENT
Topic
Content
Source link
Name
2+5 =