The web apps we see today handle a lot of sensitive user data and this makes security of such applications very important. As developers, we need to be on guard against threats like SQL injection attacks. These types of attacks can slip malicious SQL code into our database queries if we’re not careful. Let’s see how Django helps us fight this, with some code examples to show you exactly how it’s done.
What’s SQL Injection All About?
Before we jump into the nitty gritty, let’s quickly cover what SQL injection is. Imagine a login form where a user enters their