March 10

flask projects

What's your progress so far?

SQL

SQL : discuss. I've posted an example in code/sql, and listed resources in the notes from last week.

concepts :

• one-to-one vs many-to-one relations
• database, table, row
• primary key, foreign key
• most important statement : "SELECT ... ";
• transactions : "commit"
• ORM - "object-relational mapping" libraries (more power than we need for now)

security

• SQL injection ; "?" in sql called from within code ... xkcd
• HTML|CSS|JS injection ... an example | cross site scripting more generally

First rule : must "sanitize" all non-trusted data ... includes anything from HTTP request and all user input.

aside

• dark web ransomware