Y
Hacker News
new
|
ask
|
show
|
jobs
by
sheeshkebab
3320 days ago
Is that safe from sqli prospective? It would inject table name and all, which I believe you can't bind...
1 comments
ksri
3320 days ago
You're right. That's why I said upfront - whitelist values in the userquery object.
link