mirror of
https://github.com/ilri/dspace-statistics-api.git
synced 2024-11-22 14:25:01 +01:00
dspace_statistics_api/app.py: Use parameterized SQL queries
This is a better way to run SQL queries because psycopg2 takes care of the quoting for us.
parent
60e6ea57b1
commit
9e7dd28156
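--- a/dspace_statistics_api/app.py
+++ b/dspace_statistics_api/app.py
@@ -29,9 +29,8 @@ class AllItemsResource:
 
 # get statistics and use limit and offset to page through results
 cursor.execute(
-"SELECT id, views, downloads FROM items LIMIT {} OFFSET {}".format(
-limit, offset
-)
+"SELECT id, views, downloads FROM items LIMIT %s OFFSET %s",
+[limit, offset],
 )
 
 # create a list to hold dicts of item stats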
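Review bot: `limit` and `offset` reach `cursor.execute(` with no range check visible in this hunk. Binding them as parameters stops injection, but a negative value still makes PostgreSQL reject the query, and an uncapped `limit` lets a single request read the whole `items` table. If they are not already coerced to integers and bounded earlier in the handler (which starts above the hunk and continues below it), clamp them before the query, e.g. `limit = min(max(limit, 0), MAX_LIMIT)` and `offset = max(offset, 0)`, where `MAX_LIMIT` is a placeholder for a cap the project chooses. A short comment above the call, `# values are bound by psycopg2, never formatted into the SQL string`, would also help keep later edits from reverting to `.format()`.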