Skip to content

Instantly share code, notes, and snippets.

@GeekMasher

GeekMasher/app.py Secret

Created April 25, 2023 13:37
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
CodeQL Workshop Sample - DC44131, 2023
Raw
app.py
from flask import Flask, request, render_template
import psycopg2
app = Flask(__name__)
conn = psycopg2.connect("dbname=workshop user=postgres")
def lookup(data):
cursor = conn.cursor()
query = f"SELECT * FROM metadata WHERE name='{data}' OR data='{data}'"
cursor.execute(query)
return cursor.fetchall()
@app.route("/")
def index():
search = request.args.get("search")
results = lookup(search)
return render_template(
"search.html", results=results
)
if __name__ == "__main__":
app.run()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment