by sirclueless
3480 days ago
If your project cares at all about security you should at least be using some form of query builder. The bare minimum is a system that binds parameters of a query to user data without manual escaping. From there the distinction between ORMs and query builders gets fuzzy; it's more of a spectrum than a bright line. I particularly like SQLAlchemy's model of a core SQL-building library with an ORM you can use piecemeal around it.
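An added example, not part of the comment above and not SQLAlchemy's API: a minimal query builder over Python's standard `sqlite3` module that sends values only as bound parameters, next to the string-concatenation pattern it replaces. The `users` table, its columns, the function names and the sample rows are assumptions constructed for the illustration.

```python
import sqlite3

# Hypothetical schema for this example. Identifiers cannot be bound as
# parameters, so the builder only accepts column names from this allowlist.
USER_COLUMNS = ("id", "name", "email")

def build_select(columns, filters):
    """Build (sql, params) for the users table; values only travel as parameters."""
    for col in list(columns) + list(filters):
        if col not in USER_COLUMNS:
            raise ValueError(f"unknown column: {col!r}")
    sql = f"SELECT {', '.join(columns)} FROM users"
    if filters:
        sql += " WHERE " + " AND ".join(f"{col} = ?" for col in filters)
    return sql, tuple(filters.values())

def find_users_bound(conn, **filters):
    """Look up users through the builder; the driver binds every value."""
    sql, params = build_select(("id", "name"), filters)
    return conn.execute(sql, params).fetchall()

def find_users_concat(conn, name):
    """The pattern to avoid: user data spliced into the SQL text itself."""
    return conn.execute(
        f"SELECT id, name FROM users WHERE name = '{name}'"
    ).fetchall()

def make_db():
    """In-memory database with two constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("O'Brien", "ob@example.test")],
    )
    return conn

if __name__ == "__main__":
    conn = make_db()
    tricky = "x' OR '1'='1"  # constructed input that contains SQL syntax
    # Concatenated: the input is parsed as SQL, so the filter is bypassed.
    print(find_users_concat(conn, tricky))
    # Bound: the same input is compared as plain data and matches nothing.
    print(find_users_bound(conn, name=tricky))
    # Bound: an apostrophe in legitimate data needs no manual escaping.
    print(find_users_bound(conn, name="O'Brien"))
```

The allowlist is there because placeholders cover values only; table and column names still have to be checked by the builder itself.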