by Devilboy 5560 days ago
If you use type-safe SQL parameters everywhere and no string concatenation you'll be fine.
http://taylorza.blogspot.com/2009/04/sql-injection-are-param...