{"id":29407556,"url":"https://github.com/princessmiku/mariadb-sqlbuilder","last_synced_at":"2026-03-06T16:03:06.026Z","repository":{"id":39649660,"uuid":"484509743","full_name":"princessmiku/MariaDB-SQLBuilder","owner":"princessmiku","description":"MariaDB SQL Builder is a simple way to use Maria SQL. Use your own SQL or use the integrated SQL Builder tool.","archived":false,"fork":false,"pushed_at":"2024-05-17T08:49:48.000Z","size":235,"stargazers_count":6,"open_issues_count":11,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-25T00:58:22.070Z","etag":null,"topics":["python","sql"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-2.1","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/princessmiku.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-22T16:58:39.000Z","updated_at":"2024-12-23T02:02:29.000Z","dependencies_parsed_at":"2024-05-17T09:45:34.763Z","dependency_job_id":"7ccc1e4a-8e54-489b-b08d-13df5540cc6a","html_url":"https://github.com/princessmiku/MariaDB-SQLBuilder","commit_stats":null,"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"purl":"pkg:github/princessmiku/MariaDB-SQLBuilder","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/princessmiku%2FMariaDB-SQLBuilder","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/princessmiku%2FMariaDB-SQLBuilder/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/princessmiku%2FMariaDB-SQLBuilder/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/princessmiku%2FMariaDB-SQLBuilder/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/princessmiku","download_url":"https://codeload.github.com/princessmiku/MariaDB-SQLBuilder/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/princessmiku%2FMariaDB-SQLBuilder/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30184884,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-06T14:42:24.748Z","status":"ssl_error","status_checked_at":"2026-03-06T14:42:14.925Z","response_time":250,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["python","sql"],"created_at":"2025-07-11T01:01:01.188Z","updated_at":"2026-03-06T16:03:06.002Z","avatar_url":"https://github.com/princessmiku.png","language":"Python","readme":"# MariaDB SQL Builder\n\n-----\n\n[![License - GNU LPGL version 2.1](https://img.shields.io/badge/License-GNU_LPGL_version_2.1-green)](https://opensource.org/licenses/LGPL-2.1)\n[![Python - ^3.7](https://img.shields.io/badge/Python-^3.7-blue)](https://www.python.org/)\n[![Downloads](https://pepy.tech/badge/mariadb-sqlbuilder)](https://pepy.tech/project/mariadb-sqlbuilder)\n\n## Security fix 1.1\n\nIf you are interested, the content is below\n\n### MariaDB license\n\nThis library uses MariaDB Connector/Python, which is released under the terms of the GPLv2 license. For more \ninformation, please see the [license file in the repository](https://github.com/mariadb-corporation/mariadb-connector-python/blob/1.1/LICENSE).\n\n\n# [Install](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Installation)\nInstall the package with pip\n``pip install mariadb-sqlbuilder``\n\nInstallation with pip + github\n``pip install git+https://github.com/princessmiku/MariaDB-SQLBuilder``\n\n# [Setup](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Setup)\n\n````python\nimport mariadb_sqlbuilder\n\nconnection = mariadb_sqlbuilder.Connector(\n    host=\"HostIP/URL\",\n    user=\"User\",\n    password=\"Password\",\n    database=\"DatabaseToConnect\"\n)\n````\n\n# Example Functions\n### Select\n```python\nresult = connection.table(\"myTable\").select(\"name, age, email\").where(\"age\", 25).fetchall()\n```\n\n### Insert\n```python\nconnection.table(\"myTable\").insert().set(\"id\", 10).set(\"age\", 25).set(\"Name\", \"Helgo\").execute()\n```\n\n# [Wiki](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki)\nFor all Details and how to use\n\n## Functions\n\n- **[Select](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Builder---Select)**\n- **[Insert](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Builder---Insert)**\n- **[Update](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Builder---Update)**\n- **[Upsert](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Builder---Upsert)**\n- **[Delete](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Builder---Delete)**\n- **[CustomSQL](https://github.com/princessmiku/MariaDB-SQLBuilder/wiki/Custom-SQL)**\n\n\n## Content of the fix\n\nI have found a security problem. Variables should be given directly\nto the cursor instead of writing them to the SQL. This prevents SQL injections.\n\nBy changing the avoidance of sql injection, the function “get_sql()” now returns “?”\nat the points where variables were before.\n\nTo get the variables back, there is now “values_for_execute”, which contains the variables in the correct order.\nThe variables are returned in the type as they are stored. \nString as string, integer as integer, datetime as datetime...\n\n**Example**\n\n- ``conn.table().update().values_for_execute``\n- ``conn.table().select().values_for_execute``\n\nThe variables are used in the statements where I suspect the possibility of SQL injection.\n\n- Setting variables\n- Where to query (conditions)\n\nSetting keys or table names, for example, is normally not something a user should do, \nso they are written to SQL as normal.\n\nI learned a lot while working on other projects. \nThis has given me some knowledge about security. \nSo I thought it was right to apply this to old projects as well.\n\n----------------------------------------------------------------\n\n\u003cbr\u003e\nNot completely used but \u003cbr\u003e\nTranslated with www.DeepL.com/Translator (free version)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprincessmiku%2Fmariadb-sqlbuilder","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprincessmiku%2Fmariadb-sqlbuilder","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprincessmiku%2Fmariadb-sqlbuilder/lists"}