login = request.form["login"]
password = request.form["password"]
sql = f"SELECT id, role FROM users WHERE login='{login}' AND password='{password}'"
res = query(sql)
login = request.form["login"]
password = request.form["password"]
sql = "SELECT id, role FROM users WHERE login=? AND password=?"
res = query_safe(sql, (login, password))