I am trying to update all of our influxdb python queries, so that they are not vulnerable to sql injections. To do this, I have read that you can use params with the query_api() and specifically with the query_data_frame() (https://medium.com/sekoia-io-blog/avoiding-injections-with-influxdb-bind-parameters-50…
Tag: sql-injection
Confusion between prepared statement and parameterized query in Python
As far as I understand, prepared statements are (mainly) a database feature that allows you to separate parameters from the code that uses such parameters. Example: A parameterized query substitutes the manual string interpolation, so instead of doing we can do Now, it seems that prepared statements are, for …