Hacker News
by megous 2606 days ago
ORM builds on top of mechanisms for prepared statements or parametrization.

Yes, an ORM API can perhaps limit developers to such an extent that they can't construct SQL themselves, and thus can't make the mistakes leading to SQL injection.
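The layering described in the comment above, as an added example that is not part of the original post: a hypothetical mini-ORM (`Users`) whose callers supply only column/value pairs, so every value reaches SQLite as a bound parameter, next to a hand-concatenated query for contrast. The schema, the sample rows, and all function and class names are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data for this illustration.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    db.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user")])
    return db

class Users:
    """Hypothetical mini-ORM: callers pass column=value pairs, never SQL text."""
    # Identifiers cannot be bound as parameters, so column names are allowlisted.
    COLUMNS = {"id", "name", "role"}

    def __init__(self, db):
        self.db = db

    def compile(self, **filters):
        unknown = set(filters) - self.COLUMNS
        if unknown:
            raise ValueError(f"unknown column(s): {sorted(unknown)}")
        # Only placeholders enter the statement text; values travel separately.
        where = " AND ".join(f"{col} = ?" for col in filters) or "1"
        return f"SELECT name FROM users WHERE {where}", list(filters.values())

    def filter(self, **filters):
        sql, params = self.compile(**filters)
        return [row[0] for row in self.db.execute(sql, params)]

def find_by_name_concat(db, name):
    # Hand-built SQL: the value becomes part of the statement text.
    query = f"SELECT name FROM users WHERE name = '{name}'"
    return [row[0] for row in db.execute(query)]

HOSTILE = "x' OR '1'='1"  # constructed input containing SQL metacharacters

if __name__ == "__main__":
    db = make_db()
    print(Users(db).compile(name=HOSTILE))   # statement text stays fixed
    print(Users(db).filter(name=HOSTILE))    # value compared literally
    print(find_by_name_concat(db, HOSTILE))  # value changes the WHERE clause
```

The protection comes from the parameter binding underneath and from the allowlist on identifiers; any raw-SQL escape hatch added to such a layer would bypass both.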