On 11/10/2016 06:10 PM, Dennis Lee Bieber wrote:
> {I could swear I'd included an example of a parameterized query in my
> response... I didn't want to go into the details of "SQL injection attack"
> as, based on the rest of the OPs post, it would have needed a large
> explanation... And the bigges
On 11/10/2016 11:32 AM, Chris Angelico wrote:
> The easiest way is to use a parameterized query:
>
> cur.execute("insert into beacon VALUES(null, %s)", (beacon,))
>
> I don't understand why so many people conflate parameterized with
> prepared. "Prepared statements" have a two-step execution.
> "
On Fri, Nov 11, 2016 at 2:36 AM, Michael Torrie wrote:
> On 11/10/2016 06:15 AM, Dennis Lee Bieber wrote:
>> On Wed, 9 Nov 2016 21:05:50 -0800 (PST), sudeeratechn...@gmail.com
>> declaimed the following:
>>
>>>
>>> sql = "insert into beacon VALUES(null, '%s')" % \
>>> (beacon)
>>>
>> DON'T D
On 11/10/2016 06:15 AM, Dennis Lee Bieber wrote:
> On Wed, 9 Nov 2016 21:05:50 -0800 (PST), sudeeratechn...@gmail.com
> declaimed the following:
>
>>
>> sql = "insert into beacon VALUES(null, '%s')" % \
>> (beacon)
>>
> DON'T DO THAT...
Wouldn't hurt to include a brief why on this, and the
when this files run gives corresponding output values as;
# test BLE Scanning software
# jcs 6/8/2014
import MySQLdb as my
import blescan
import sys
import bluetooth._bluetooth as bluez
dev_id = 0
db = my.connect(host="localhost",
user="root",
passwd="root",
db="test"
)
cursor = db.cursor
