Question: TODO 2 : write a prepared statement for this query with parameters for the two strings passed in . Comment out the query that used

TODO2: write a prepared statement for this query with parameters for the two
strings passed in. Comment out the query that used simple concatenation. Then, in
TODO3, write the execution statement to execute the prepared statement, commenting
out the existing statement (we recommend commenting out instead of deleting).
After saving and launching the app, try option 1 with the SQL injection attack and see if
it successfully protected the data from retrieval.
Query2: TODO4: write a prepared statement for this query with parameters for the two
strings passed in. Comment out the query that used simple concatenation. Then, in
TODO5, write the execution statement to execute the prepared statement, commenting
out the existing statement (we recommend commenting out instead of deleting).
Check that the patient table currently exists in the test_sql_inj database and re-establish
it if necessary.
After saving and launching the app, try option 2 with the SQL injection attack and see if
it successfully protected the patient table from deletion in the database.
Submit your DBConnector.py file to gradescope when you have verified that your
prepared statements are working.TODO2: write a prepared statement for this query with parameters for the two
strings passed in. Comment out the query that used simple concatenation. Then, in
TODO3, write the execution statement to execute the prepared statement, commenting
out the existing statement (we recommend commenting out instead of deleting).
After saving and launching the app, try option 1 with the SQL injection attack and see if
it successfully protected the data from retrieval.
Query2: TODO4: write a prepared statement for this query with parameters for the two
strings passed in. Comment out the query that used simple concatenation. Then, in
TODO5, write the execution statement to execute the prepared statement, commenting
out the existing statement (we recommend commenting out instead of deleting).
Check that the patient table currently exists in the test_sql_inj database and re-establish
it if necessary.
After saving and launching the app, try option 2 with the SQL injection attack and see if
it successfully protected the patient table from deletion in the database.
Submit your DBConnector.py file to gradescope when you have verified that your
prepared statements are working.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

book.cpp file BookList Sequence Containers Homework Last updated: Friday, February 12, 2021 The following class diagrams should help you visualize the BookList interface, and to remind you what the...

Q:

Tasks The goal of the project is to complete the code for the NgramAnalyser, MarkovModel, ModelMatcher and MatcherController classes, as detailed below, and to add test code to a new JUnit test...

Q:

Write a Java Program - Binary and Integer Conversions: Note: No break or switch statements. The program will ask the user to enter a choice of conversion they want to make and then either convert a...

Q:

A discrete sequence {xn} can be converted into a continuous representation x(t) = ts X n= (t n ts) xn, where ts is the sampling period. (a) State two characteristic properties of Dirac's function. [2...

Q:

Python and most Python libraries are free to download or use, though many users use Python through a paid service. Paid services help IT organizations manage the risks associated with the use of...

Q:

For this project, you will: Be introduced to DataCount stemming such as removing 's' from the end of a word can lead to erroneous results (such as "bu" from "bus") and require special logic. Even our...

Q:

For this project, you will: Be introduced to DataCount stemming such as removing 's' from the end of a word can lead to erroneous results (such as "bu" from "bus") and require special logic. Even our...

Q:

Problem 7: determine file type from a filename * * To identify the type of a file, the Operating System looks at the filename and * extension. The OS needs to know the file type to open it with the...

Q:

Part 1 - LAB (100%) Look at the code provided in the Collection template module, study it and understand it. The Collection class is a template that works like a dynamic array of objects and resizes...

Q:

Workshop #10: Function Templates Version 1.0 In this workshop, you are to code 3 function templates and 1 insertion operator template: "find": checks if a key value matches an array item at a...

Q:

ASIA Arclic Ocean AUSTRALIA Pacific Ocean Historical Hurricane Tracks Arctic Ocean NORTEL AMERICA SOUTH AMENICA . H5 H4 H3 H2 H1 TS TD EUROPE AFRICA ASIA

Q:

On January 1, 2020, Cullumber Industries Ltd. issued 1,780,000 face value, 5%, 10-year bonds at 1,648,990. This price resulted in an effective-interest rate of 6% on the bonds. Cullumber uses the...

Q:

5. The point P(2, 1) is transformed by M1, a reflection in the y-axis and then M2, a reflection in the line x = 4. Give the coordinates of (ii) M,(P), (i) M,(P), (iv) M_M,(P). (iii) M,M,(P),

Q:

douglas whi is not a member of the military , moved to take a new position with his company. his total expenses were 2,000. his employers reimbursed him 1,ooo. which of the following is correct...

Q:

4. Create a briefing for division managers showing the advantages and disadvantages of using MOOCs. Use websites, including www.td.org, www.coursera.org, and www.mooc-list.com.

Q:

LO3 Identify three types of analyses used to determine training needs.

Q:

1. The explosion in technology has led to dramatic changes in how companies deliver training. The process of learning on the go in brief, accessible modules is starting to replace more traditional...