anything that manages to reach either the client or database.py needs to be sanitized so no one can engage in a little <img src="" onerror or 1=1ing
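As an added illustration of the two cases the comment names (not code from the original thread or project): the database side is handled with a parameterized query instead of string splicing, and the client side with HTML escaping before a value is rendered. The `users` table, its columns and the sample rows are constructed for this example; `database.py` in the comment is only referenced, not reproduced.

```python
import html
import sqlite3


def make_db():
    # Constructed sample schema and rows; not the project's real database.py.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    conn.commit()
    return conn


def find_user_unsafe(conn, username):
    # The pattern the comment warns about: the value is spliced into the SQL text,
    # so a quote in the input changes the query structure ("or 1=1" matches every row).
    query = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def find_user_safe(conn, username):
    # Parameterized query: the driver passes the value separately from the SQL text,
    # so it is compared as data and never parsed as part of the statement.
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


def render_username(username):
    # Escape before the value reaches the client: <, >, & and quotes become entities,
    # so an <img ... onerror> payload is displayed as text rather than interpreted.
    return f'<span class="user">{html.escape(username, quote=True)}</span>'


if __name__ == "__main__":
    db = make_db()
    probe = "' OR 1=1 --"
    print("unsafe:", find_user_unsafe(db, probe))   # returns every row
    print("safe:  ", find_user_safe(db, probe))     # returns nothing
    print(render_username('<img src="" onerror=x>'))
```

Running the block shows the spliced query returning both sample rows for the `1=1` input while the parameterized version returns none, and the rendered username with the markup neutralised. The same two rules cover the general case: any value that comes in from a request goes to the database only as a bound parameter and to the client only after escaping for the context it is inserted into.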