by DCoder
4488 days ago
> I also believe there are some nice SQL sanitation libraries out there.

This is not the right approach. Separating the query structure from the data is the right way to go - parametrized queries are much safer than sanitization, which is subject to all sorts of encoding headaches.
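The contrast drawn in the comment above, as an added example that is not part of the original comment: a sanitizer written for one SQL dialect's escaping rules is run against SQLite, next to a parameterized query on the same inputs. The `naive_sanitize` helper, the `users` table and all sample values are hypothetical and constructed for this illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data, held in memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "a-secret"), ("O'Brien", "b-secret")])
    return db

def naive_sanitize(value):
    # Hypothetical sanitizer: backslash-escapes quotes (a MySQL-style rule).
    # SQLite does not treat backslash as an escape character, so the
    # quote still terminates the string literal.
    return value.replace("'", "\\'")

def lookup_sanitized(db, name):
    # The value is spliced into the query text, so the SQL parser
    # decides which parts of it are data and which are syntax.
    sql = "SELECT secret FROM users WHERE name = '" + naive_sanitize(name) + "'"
    try:
        return [row[0] for row in db.execute(sql)]
    except sqlite3.Error:
        return None  # the "sanitized" text was not even valid SQL

def lookup_parameterized(db, name):
    # The query structure is fixed; the value is bound separately
    # and is never parsed as SQL.
    sql = "SELECT secret FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]

if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR 1=1 --"  # constructed input
    for name in ("alice", "O'Brien", hostile):
        print(repr(name),
              "sanitized:", lookup_sanitized(db, name),
              "parameterized:", lookup_parameterized(db, name))
```

The sanitized path breaks on a legitimate name containing an apostrophe and returns every row for the constructed hostile input, while the bound parameter is matched literally in both cases.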