[mod_python] Sanitizing user input... but not totally.

Jorey Bump list at joreybump.com
Tue Nov 22 13:20:49 EST 2005


Anthony L. wrote:
> Does mod_python or even Python have a function for sanitizing user  
> input? 

This depends on the context. For database storage, use placeholders. 
This will protect from SQL injection and support intuitive queries (no 
need to escape your query terms). But you will still need to use 
something like cgi.escape() when pulling strings from the db and 
printing them to a browser.
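The two steps described above, as an added example that is not part of the original post: the values go to the database through placeholders, and are escaped only when written into HTML. It assumes sqlite3 as a stand-in database and uses html.escape(), the Python 3 standard-library successor to cgi.escape() (which was removed in Python 3.8); the table, function names and sample strings are hypothetical.

```python
import html
import sqlite3

# Constructed sample input: a quote that would break naive SQL, plus markup.
COMMENT = "O'Reilly says <script>alert(1)</script> & more"
HOSTILE_AUTHOR = "x' OR '1'='1"  # constructed; must be treated as plain data


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)"
    )
    return conn


def store_comment(conn, author, body):
    # Placeholders: values travel separately from the SQL text, so no
    # escaping of the input is needed and it is stored unmodified.
    cur = conn.execute(
        "INSERT INTO comments (author, body) VALUES (?, ?)", (author, body)
    )
    conn.commit()
    return cur.lastrowid


def find_by_author(conn, author):
    # The search term is bound the same way; quotes in it are just characters.
    rows = conn.execute(
        "SELECT body FROM comments WHERE author = ? ORDER BY id", (author,)
    )
    return [row[0] for row in rows]


def render_comments(conn, author):
    # Escape at output time: the database holds the raw string, the page
    # gets the HTML-encoded form.
    items = "".join(
        "<li>%s</li>" % html.escape(body, quote=True)
        for body in find_by_author(conn, author)
    )
    return "<h1>%s</h1><ul>%s</ul>" % (html.escape(author, quote=True), items)


if __name__ == "__main__":
    db = open_db()
    store_comment(db, "anthony", COMMENT)
    store_comment(db, HOSTILE_AUTHOR, "second row")
    print(find_by_author(db, HOSTILE_AUTHOR))
    print(render_comments(db, "anthony"))
```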

