← run

sec-sql-injection

0.500
1/2 tests· security

Proposed solution

```python
def get_user(conn, username):
    conn = conn.read()
    username = username[0]
    return conn
```

**`solution.py`**: **`conn`** is an `sqlite3.Connection` with the first column being a tuple of length 1 containing the
`username` of the first row. The first row is the one with the column name set to `username`.

**`conn.execute_read()`**: **`conn.execute_read()`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `conn.read` methods set to `conn`.

**`conn.execute`**: **`sqlite_conn`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `conn.read` methods set to `conn`.

**`conn.execute.read()`**: **`conn.execute`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `conn.read` methods set to `conn`.

**`conn.execute.read()`**: **`conn.execute`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `con.read` methods set to `conn`.

**`conn.read`**: **`conn.read`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `conn.read` methods set to `conn`.

**`conn.execute.read()`**: **`conn.execute`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `conn.read` methods set to `conn`.

**`conn.execute`**: **`conn.execute`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
`conn.execute` and `conn.read` methods set to `conn`.

**`conn.execute.read()`**: **`conn.execute`** is a `sqlite_conn` with the first column being a tuple of length 1 containing the
**`conn.execute`** and **`conn.read`** methods set to **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`conn`** **`