sqlescapy

Python module to escape SQL special characters and quotes in strings

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Project description

Python module to escape SQL special characters and quotes in strings

Assuming dangerous_input is a variable coming from a user input, a bad actor can exploit it to start injecting your database.

dangerous_input = "JhonWick'"

protected_raw_statement = "\"foo_table\".username='%s'" % sqlescape(dangerous_input)

protected_query = """

SELECT "foo_table".*, "bar_table".*
FROM "foo_table", "bar_table"
WHERE "foo_table".id = "bar_table".id
      AND %s
""" % protected_raw_statement

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

1.0.1

Sep 13, 2019

This version

1.0.0

Sep 13, 2019

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sqlescapy-1.0.0.tar.gz (1.5 kB view hashes)

Uploaded Sep 13, 2019 Source

Built Distribution

sqlescapy-1.0.0-py3-none-any.whl (2.8 kB view hashes)

Uploaded Sep 13, 2019 Python 3

Hashes for sqlescapy-1.0.0.tar.gz

Hashes for sqlescapy-1.0.0.tar.gz
Algorithm	Hash digest
SHA256	`952b66de0c864c52d0e7c0961669387976d21f292751bd82da749253d73308e8`
MD5	`0f47120df90b9a16f6b03a80ec77ab08`
BLAKE2b-256	`f4f41ccdf4dff65dcc74f8c0a9d39c4af79db2bae6d9b83a52d7b6dbe2df1329`

Hashes for sqlescapy-1.0.0-py3-none-any.whl

Hashes for sqlescapy-1.0.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`5da26ffc1327ce9b96cc2f493b5057d6fcef936121b78bf0da98964e4dd049f5`
MD5	`c6a4adcc0add69c87496c5752d1c05ef`
BLAKE2b-256	`800fc0be556ada12acf635725cb1aa89131dc86e6f4f9653148f2499ed8b1bb1`