Re: [sqlalchemy] Security Implications of Directly Executing Queries Compiled to Strings

2019-03-07 Thread Walter Askew
> On Mar 7, 2019, at 8:08 PM, Seth P wrote:
>
> Someone wrote a server that blindly executes SQL strings? Oy. Google around
> for why that is a terrible idea.

Oh, I am very familiar with why it’s a terrible idea. Unfortunately, I’m a user of this service and don’t have much of a choice in

[sqlalchemy] Security Implications of Directly Executing Queries Compiled to Strings

2019-03-07 Thread Seth P
Someone wrote a server that blindly executes SQL strings? Oy. Google around for why that is a terrible idea.

--
SQLAlchemy - The Python SQL Toolkit and Object Relational Mapper
http://www.sqlalchemy.org/

To post example code, please provide an MCVE: Minimal, Complete, and Verifiable

[sqlalchemy] Security Implications of Directly Executing Queries Compiled to Strings

2019-03-07 Thread Walt
For some odd reasons, I'm in a situation where I don't have direct access to a database, but I do have an HTTP API fronting the database which I can submit SQL strings to and get results back from. I'd like to use SQLAlchemy to generate the query strings I send to the HTTP API, but I'm

[sqlalchemy] delete orphan unfavorite operations

2019-03-07 Thread Conferency
Hi, I have 3 classes: two have many to many relationship between them, one is association class.

    class Person:
        ...
        tools = relationship('Association', back_populates='user', lazy=True, cascade='all, delete-orphan')

    class Tool:
        ...
        users = relationship('Association',