Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions app.py
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,8 @@ def spam_detector():
result = "This message is probably not spam."

# Fetch related spam messages using the input as the WHERE clause
c.execute(f"SELECT message FROM spam_messages WHERE message LIKE '%{message}%'")
Comment thread Fixed

Check failure

Code scanning / SonarCloud

Database queries should not be vulnerable to injection attacks

<!--SONAR_ISSUE_KEY:AZY98Y2b0VXkWskX26p1-->Change this code to not construct SQL queries directly from user-controlled data. <p>See more on <a href="https://sonarcloud.io/project/issues?id=colin-sonarsource_python-spam-detector&issues=AZY98Y2b0VXkWskX26p1&open=AZY98Y2b0VXkWskX26p1&pullRequest=9">SonarQube Cloud</a></p>
related_spam_messages = [row[0] for row in c.fetchall()]


# Fetch all spam messages
Expand Down