DEV Community

Discussion on: A problem with a Python function to modify the information in the database

Vincent Milum Jr

Instead of executing the SQL, print the SQL out to the console or a file.

You'll start to notice that the way you're building the SQL query string is unsafe, if it is doing in-place replacing without converting to SQL native and properly escaped strings.

Hussein Ouda Author

I did not understand what you meant!
Can an example be given?
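
The debugging step suggested in the first comment, as an added example that is not part of the original thread or the asker's code: it prints the final SQL string built by in-place replacement, shows how an ordinary apostrophe in a value breaks it, and contrasts that with a parameterized query. The `users` table, its columns and the function names are assumptions, and `sqlite3` stands in for whichever database driver the original function uses.

```python
import sqlite3

def make_db():
    """Constructed sample database; table and column names are assumptions."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("INSERT INTO users (id, name) VALUES (1, 'old name')")
    return conn

def build_unsafe_sql(user_id, new_name):
    # In-place replacement: the value is pasted into the SQL text unescaped.
    return "UPDATE users SET name = '%s' WHERE id = %s" % (new_name, user_id)

def update_unsafe(conn, user_id, new_name):
    sql = build_unsafe_sql(user_id, new_name)
    print("about to run:", sql)  # the debugging step: read the final string
    try:
        conn.execute(sql)
        return True
    except sqlite3.Error as exc:
        # The apostrophe in the value ended the string literal early.
        print("database rejected it:", exc)
        return False

def update_safe(conn, user_id, new_name):
    # Placeholders: values are bound separately from the SQL text,
    # so a quote inside a value is data, never syntax.
    conn.execute("UPDATE users SET name = ? WHERE id = ?", (new_name, user_id))
    row = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
    return row[0]

if __name__ == "__main__":
    conn = make_db()
    update_unsafe(conn, 1, "Alice")      # works, which hides the problem
    update_unsafe(conn, 1, "O'Brien")    # printed SQL shows the broken quoting
    print("stored via placeholders:", update_safe(conn, 1, "O'Brien"))
```

The placeholder style depends on the driver: `sqlite3` uses `?`, while several MySQL and PostgreSQL drivers use `%s` passed as a separate argument to `execute`, not formatted into the string.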