From e009b8ab10820b4ea91d73608ca8d4fc0fb97296 Mon Sep 17 00:00:00 2001
From: junjun
Date: Mon, 29 Dec 2025 15:31:48 +0800
Subject: [PATCH] revert: Code security optimization

---
 backend/apps/db/db.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/backend/apps/db/db.py b/backend/apps/db/db.py
index 33b87534d..51084236c 100644
--- a/backend/apps/db/db.py
+++ b/backend/apps/db/db.py
@@ -386,8 +386,7 @@ def get_tables(ds: CoreDatasource):
 password=conf.password,
 options=f"-c statement_timeout={conf.timeout * 1000}",
 **extra_config_dict) as conn, conn.cursor() as cursor:
- # Use parameterized query for security
- cursor.execute(sql, (sql_param,))
+ cursor.execute(sql.format(sql_param))
 res = cursor.fetchall()
 res_list = [TableSchema(*item) for item in res]
 return res_list
@@ -438,8 +437,7 @@ def get_fields(ds: CoreDatasource, table_name: str = None):
 password=conf.password,
 options=f"-c statement_timeout={conf.timeout * 1000}",
 **extra_config_dict) as conn, conn.cursor() as cursor:
- # Use parameterized query for security
- cursor.execute(sql, (p1, p2))
+ cursor.execute(sql.format(p1, p2))
 res = cursor.fetchall()
 res_list = [ColumnSchema(*item) for item in res]
 return res_list
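Review bot: Both `cursor.execute(sql.format(...))` calls, in the `get_tables` hunk and again in the `get_fields` hunk, place the values into the SQL text instead of binding them, so a schema or table name containing a quote changes the statement. `get_fields` takes `table_name` from its caller, so this matters if that name can ever be user-influenced; how `sql`, `sql_param`, `p1` and `p2` are built lies outside both hunks and needs confirming. The commit message gives no reason for the revert; if the bound form failed because the template's placeholders did not match the driver's paramstyle, I would fix the template and keep `cursor.execute(sql, (sql_param,))` and `cursor.execute(sql, (p1, p2))`. If formatting has to stay, the values should be checked against an allow-list of known identifiers before the call, with a comment such as `# values are formatted into the SQL text, validated above; binding not used because <reason>` recording why. Both function bodies start and end outside the hunks.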