Commit 4c8fcda

docs: add warning in 'to_sql'
1 parent c00298a commit 4c8fcda

2 files changed

+12
-0
lines changed

pandas/core/generic.py

+6
@@ -2795,6 +2795,12 @@ def to_sql(
27952795
Databases supported by SQLAlchemy [1]_ are supported. Tables can be
27962796
newly created, appended to, or overwritten.
27972797
2798+
.. warning::
2799+
The pandas library does not attempt to sanitize inputs provided via a to_sql call.
2800+
Please refer to the documentation for the underlying database driver to see if it
2801+
will properly prevent injection, or alternatively be advised of a security risk when
2802+
executing arbitrary commands in a to_sql call.
2803+
27982804
Parameters
27992805
----------
28002806
name : str
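
Review bot: The warning added at new lines 2798-2802 never says which inputs are left unsanitized, and its closing clause, "executing arbitrary commands in a to_sql call", does not match the docstring text directly above it, which describes tables being created, appended to, or overwritten rather than commands being executed. State which arguments a caller must not fill from untrusted data (for example, say explicitly whether `name`, documented just below, is one of them) and reword the last clause as a direct statement of the SQL injection risk. The sentence "Please refer to ... or alternatively be advised of a security risk" would also read better split in two: one telling the reader to check the driver documentation, one stating the risk.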

pandas/io/sql.py

+6
@@ -750,6 +750,12 @@ def to_sql(
750750
"""
751751
Write records stored in a DataFrame to a SQL database.
752752
753+
.. warning::
754+
The pandas library does not attempt to sanitize inputs provided via a to_sql call.
755+
Please refer to the documentation for the underlying database driver to see if it
756+
will properly prevent injection, or alternatively be advised of a security risk when
757+
executing arbitrary commands in a to_sql call.
758+
753759
Parameters
754760
----------
755761
frame : DataFrame, Series
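
Review bot: The six lines added at new lines 753-758 are a verbatim copy of the warning this commit also adds to pandas/core/generic.py, so any later correction to the wording has to be made in two places and the copies can drift apart. Consider keeping the full text in one docstring and having the other refer to it, or add a comment next to each copy noting that the other exists. In both copies `to_sql` is written as bare text; in a reST docstring it would normally be marked up as a literal (double backticks) so it renders as code.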
