sec-sql-injection
1.000
Proposed solution
```python
# solution.py
import sqlite3
def get_user(conn, username):
"""
Query a sqlite3 users table for the row whose username column equals username
and return that row (or None).
Args:
conn: An open sqlite3.Connection
username: The username to search for
Returns:
A row from the users table matching the username, or None if not found
"""
cursor = conn.cursor()
cursor.execute("SELECT * FROM users WHERE username = ?", (username,))
return cursor.fetchone()
```