Bug

[ElspethHaixin]

The code does not fully examine the validity of input!
It may suffer from SQL injection.

[suliangxd]

This should be. Actually, it is my first Python project. Thank you anyway. : )