0
TonyCox
281d

I'm working on a project to create a filter for an essay examples database on https://essaypay.com/essay-examples..., and I could use some advice on the best way to approach it. The filter needs to allow users to select the length of the essay and the level of writing separately, but also be able to use both filters at once. I'm using Python and have some knowledge of C/C++. What would be the best way to implement this filter efficiently and effectively?

Comments
  • 1
    Huh?
    SELECT * FROM ESSAY WHERE LENGTH ( >, <,...) X

    How do you define 'level of writing'?
  • 0
    The level of writing can be a value provided by the user.

    Then I can include a condition for the writing level based on the user's selection.

    SELECT * FROM ESSAY WHERE LENGTH > X AND LEVEL = 'college';

    However, someone told me to use parameterized queries for the writing level in the SQL query. "You need to use a library that supports parameterization, such as sqlite3 in Python." Is it necessary?
  • 0
    @TonyCox Yes, you should use parameterized queries.

    Plain queries make SQL injection attacks easier to achieve.

    Read up on parameterization of queries and SQL injection prevention before continuing to write any database-related code.
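The two optional filters from this thread, combined into one parameterized query with Python's sqlite3. This is an added example, not code from any poster. The table layout, the sample rows, and the names `build_query`, `find_essays` and `demo_db` are assumptions.

```python
import sqlite3

# Operators cannot be bound as parameters, so the user's choice is mapped
# through this allow-list instead of being pasted into the SQL text.
LENGTH_OPS = {"lt": "<", "le": "<=", "gt": ">", "ge": ">=", "eq": "="}

def build_query(length_op=None, length=None, level=None):
    """Return (sql, params); each filter is added only if it was supplied."""
    clauses, params = [], []
    if length is not None:
        if length_op not in LENGTH_OPS:
            raise ValueError("unsupported length operator")
        clauses.append(f"length {LENGTH_OPS[length_op]} ?")
        params.append(int(length))  # raises ValueError on non-numeric input
    if level is not None:
        clauses.append("level = ?")
        params.append(level)  # bound as data, never parsed as SQL
    sql = "SELECT id FROM essay"
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    return sql + " ORDER BY id", params

def find_essays(conn, **filters):
    """Run the filtered query and return the matching essay ids."""
    sql, params = build_query(**filters)
    return [row[0] for row in conn.execute(sql, params)]

def demo_db():
    """In-memory database with constructed sample rows (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE essay (id INTEGER PRIMARY KEY, "
                 "title TEXT, length INTEGER, level TEXT)")
    conn.executemany(
        "INSERT INTO essay (title, length, level) VALUES (?, ?, ?)",
        [("Essay A", 500, "high school"), ("Essay B", 1200, "college"),
         ("Essay C", 800, "college"), ("Essay D", 2000, "graduate")])
    return conn

if __name__ == "__main__":
    db = demo_db()
    print(find_essays(db, length_op="gt", length=1000))                   # length only
    print(find_essays(db, level="college"))                               # level only
    print(find_essays(db, length_op="gt", length=1000, level="college"))  # both
    # A hostile level value is compared as a literal string and matches nothing.
    print(find_essays(db, level="college' OR '1'='1"))
```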