Change the Python and SQL process to discourage SQL injection

The training in `sources/curriculum/software/python_sql.md` doesn't say anything about potential SQL injection issues, and is training folks to write potentially unsafe code. There should at least be a mention of SQL injection attacks, or the training should be rewritten to use bound parameters.