SQLite extension with a focus on security
Project description
Fortify SQL
A Python library for easy SQL injection prevention, designed around the SQLite3 Python database library.
Current features are:
- Connects to a database and executes queries on it
- Allows devs to configure whether DROP is allowed on the database
- Allows devs to configure whether query errors are caught and printed to the console
- Includes secure features:
  - Basic injection proofing
  - Can't use DELETE FROM table WHERE 1=1; as an alternative to DROP if DROP is not allowed on the database
  - Can't run more than one statement in a query that is labelled as single statement
- One line of code to execute a query
- Allows devs to set statements as blocked so they can't be executed on the database
Quickstart
Fortify SQL is designed around the Database class. Start by importing fortifysql and specifying the path of the database to connect to:
```python
from fortifysql import Database

database = Database("mydatabase.db")
```
Then, to make requests:
```python
data = database.query("SELECT * FROM myTable", save_data=True)  # use save_data if you want any data from the request
```
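Parameters are defined with a '?' in the request and are passed through in a tuple:
```python
# The parameter tuple has to come before keyword arguments such as save_data;
# a positional argument after a keyword argument is a SyntaxError in Python.
data = database.query("SELECT * FROM myTable WHERE id=?", (user_id,), save_data=True)
```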
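Why the '?' placeholder and the single-statement rule matter, shown as an added example that uses only the standard sqlite3 module the library is built around (it is not fortifysql's own code). The helper names and the sample rows are hypothetical and constructed for the illustration.

```python
import sqlite3


def make_db():
    """Build a throwaway in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE myTable (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO myTable VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn


def lookup_concatenated(conn, user_id):
    """Unsafe: the input is pasted into the SQL text and parsed as SQL."""
    return conn.execute("SELECT * FROM myTable WHERE id=" + user_id).fetchall()


def lookup_parameterized(conn, user_id):
    """Safe: the input is bound to '?' and only ever treated as a value."""
    return conn.execute("SELECT * FROM myTable WHERE id=?", (user_id,)).fetchall()


def single_statement_enforced(conn, sql):
    """Return True if sqlite3 refuses `sql` because it holds several statements."""
    try:
        conn.execute(sql)
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        # Older Python versions raise sqlite3.Warning here, newer ones
        # raise sqlite3.ProgrammingError; nothing is executed either way.
        return True
    return False


if __name__ == "__main__":
    conn = make_db()
    untrusted = "1 OR 1=1"  # constructed input, same idea as WHERE 1=1 above
    print("concatenated :", lookup_concatenated(conn, untrusted))
    print("parameterized:", lookup_parameterized(conn, untrusted))
    print("normal lookup:", lookup_parameterized(conn, 2))
    print("stacked query refused:",
          single_statement_enforced(conn, "SELECT 1; DROP TABLE myTable"))
    print("rows still present:",
          len(conn.execute("SELECT * FROM myTable").fetchall()))
```

The concatenated lookup returns every row because the input changes the WHERE clause, while the bound parameter is compared as a plain value and matches nothing.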
Download files
Source Distribution
fortifysql-0.3.2.tar.gz