
Python – parameterized storing into db to prevent SQL injection example

import MySQLdb, db_config
class Test:
    def connect(self): 
        self.conn = MySQLdb.connect(host=config.db_credentials["mysql"]["host"],
        return self.conn  

    def insert_parametrized(self, test_value="L'le-Perrot"):
        cur = self.connect().cursor()
        cur.execute("INSERT INTO a_table (name, city) VALUES (%s,%s)", ('temp', test_value))

# run it
t=Test().insert_parametrized("test city'; DROP TABLE a_table;") (place it in the same directory as the file)

db_credentials = {
    "mysql": {
        "name": "db_name",
        "host": "db_host", # eg. ''
        "user": "xxxx",
        "pass": "xxxxxxxx",

What are the ways of inserting web scraping results into an SQL server?

  1. Apply a webhook service to request your target data and store them to DB.
Legal Miscellaneous

Is this a legal method of acquiring insurance leads?

Recently I received a question on insurance leads:

Is this a legal method of acquiring insurance leads [from the web]? Are there any agent testimonials on the efficiency of this type of service?

Legality issue in web scraping

With the matter of legality in web scraping, there should be a clear approach –  it depends on the website and its privacy policy. There could be at least 2 cases:

  1. Public info (prices, inventory info, public offers), i.e. everything that is not protected by copyright and available for scraping.
  2. The copyright protected info –  website Terms of Use or Terms of Service restrictions make copying and therefore web scraping illegal.
The US court of appeals has affirmed that a certain [data] analytic company is lawful to scrape data aggregator’s (LinkedIn’s) public profiles info.

So far I have no insurance agent testimonies on the efficiency of any insurance lead scrape service. The web sites I searched [on the insurance leads] have given me the impression that the customer info they gather is highly secured (not viewable). I doubt that any sites are going to expose insurance leads. In most of them the leads are available by paid subscription plans.

If there are any such websites like insurance leads directories (public insurance quotes), we might develop a scraper that consistently grabs fresh or new info for further analysis. It does save the agent’s time for re-searching, re-visiting and so on. One scraper might work with multiple directory pages for scrape.

The US district court has concluded that moderate scraping, even when against ToS, is legal.

You might find it interesting to read about web page change tracking if you only need to see updates (no data storing applied).