Hacker News
by 0x4a42 3855 days ago
>prepareQuery("SELECT something FROM table WHERE col='"+userInput+"' and otherCol=?", otherUserInput);
This is very dumb, yet too common. :-/
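
The pattern quoted in the comment above, shown beside a fully bound query, as an added example that is not part of the original comment. It assumes Python's `sqlite3`, a constructed table `t`, and hypothetical helper names; the regex is a review heuristic, not a complete detector.

```python
import re
import sqlite3

def make_db():
    # Constructed sample table and rows, for illustration only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE t (something TEXT, col TEXT, otherCol TEXT)")
    db.executemany("INSERT INTO t VALUES (?, ?, ?)",
                   [("row-a", "a", "x"), ("row-b", "b", "y")])
    return db

def half_parameterized(db, user_input, other_user_input):
    # Pattern from the comment: first value concatenated, second bound.
    sql = ("SELECT something FROM t WHERE col='" + user_input +
           "' AND otherCol=?")
    return sorted(r[0] for r in db.execute(sql, (other_user_input,)))

def fully_parameterized(db, user_input, other_user_input):
    # Both values bound; the SQL text is a constant.
    sql = "SELECT something FROM t WHERE col=? AND otherCol=?"
    return sorted(r[0] for r in db.execute(sql, (user_input, other_user_input)))

# Heuristic for code review or grep: a quoted literal, "+ name +", another
# literal, in a statement that also contains a "?" placeholder.
_CONCAT = re.compile(r"""["']\s*\+\s*[\w.]+\s*\+\s*["']""")

def mixes_concat_and_placeholder(source_line):
    return bool(_CONCAT.search(source_line)) and "?" in source_line

if __name__ == "__main__":
    db = make_db()
    crafted = "a' OR '1'='1"   # constructed input containing a quote
    print(half_parameterized(db, crafted, "y"))   # quote changes the WHERE logic
    print(fully_parameterized(db, crafted, "y"))  # treated as a plain value
    print(fully_parameterized(db, "b", "y"))      # normal lookup still works
```

The presence of one `?` in the statement says nothing about the values that were concatenated into it; only the bound values are kept out of the SQL text.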