[Python-checkins] r46708 - python/trunk/Doc/whatsnew/whatsnew25.tex

andrew.kuchling python-checkins at python.org
Wed Jun 7 19:02:55 CEST 2006


Author: andrew.kuchling
Date: Wed Jun 7 19:02:52 2006
New Revision: 46708
Modified:
 python/trunk/Doc/whatsnew/whatsnew25.tex
Log:
Mention other placeholders
Modified: python/trunk/Doc/whatsnew/whatsnew25.tex
==============================================================================
--- python/trunk/Doc/whatsnew/whatsnew25.tex	(original)
+++ python/trunk/Doc/whatsnew/whatsnew25.tex	Wed Jun 7 19:02:52 2006
@@ -1923,10 +1923,11 @@
 operations because doing so is insecure; it makes your program
 vulnerable to an SQL injection attack. 
 
-Instead, use SQLite's parameter substitution. Put \samp{?} as a
+Instead, use the DB-API's parameter substitution. Put \samp{?} as a
 placeholder wherever you want to use a value, and then provide a tuple
 of values as the second argument to the cursor's \method{execute()}
-method. For example:
+method. (Other database modules may use a different placeholder,
+such as \samp{%s} or \samp{:1}.) For example:
 
 \begin{verbatim} 
 # Never do this -- insecure!
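Review bot: In the added line `such as \samp{%s} or \samp{:1}.) For example:`, the `%` is unescaped. In LaTeX it starts a comment, so the rest of that line (the closing brace of `\samp`, the `:1` alternative, the closing parenthesis and "For example:") is dropped, and the `\samp{` argument is left open to swallow the text that follows. Write it as `\samp{\%s}`. It may also be worth naming the DB-API `paramstyle` module attribute in the parenthetical, so readers know where to check which placeholder their database module expects.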

