fortifysql 0.4.0

SQLite extension with a focus on security

Fortify SQL

A python library for easy SQL injection prevention. Designed arround the SQLite3 python database library.
Current features are:

• Connect and executes queries on database
  
• Allows devs to configure if DROP is allowed on database
  
• Allows devs to configure if queries are error caught and printed to console
  
• Includes secure features:
  
  • Basic injection proof
    
  • Can’t use DELETE FROM table WHERE 1=1; as an alternative to drop if DROP is not allowed on database
    
  • Can’t run more than one statement on a query that is labelled as single statement
    
• One line of code to execute a query
  
• Allow statements to be set as blocked by dev so they can’t be executed on the database

Quickstart

install using pip

pip install fortifysql

fortify is designed arround the database class, start by importing fortifysql and specifying the path of the database to connect to

from fortifysql import Database

database = Database("mydatabase.db")

and then to make requests:

data = database.query("SELECT * FROM myTable", save_data = True) # use save_data if you want any data from the request

Parameters are defined with a '?' in the request and are passed through in a tuple

data = database.query("SELECT * FROM myTable WHERE id=?", save_data = True, (user_id,))