Y
Hacker News
new
|
ask
|
show
|
jobs
by
ams6110
3647 days ago
Yes. If you are building SQL by concatenating user inputs (escaped or not) you are doing it wrong.
1 comments
Klathmon
3646 days ago
IMO building SQL by concatenating anything
feels wrong
.
I still do it, and i haven't used an ORM yet that is actually useful, but it still feels wrong.
link
I still do it, and i haven't used an ORM yet that is actually useful, but it still feels wrong.