SQL string construction in postgres using Python
I have this piece of code that I’m using to do insert/update in Postgres, but I’m not sure if my construction of the SQL string literal is susceptible to SQL injection. If it is, how may I re-write the query?
SQL string construction in postgres
I have this piece of code that I’m using to do insert/update in Postgres, but I’m not sure if my construction of the SQL string literal is susceptible to SQL injection. If it is, how may I re-write the query?