themaninblack@lemmy.world to memes@lemmy.world · 2 days ago

CVS style

ryannathans@aussie.zone · 2 days ago
Parameterisation entirely solves the problem without needing to sanitise the string

PhobosAnomaly@feddit.uk · 1 day ago
I don’t disagree, but throwing out the concept of prepared statements and parameterisation to someone who has asked for an explanation of the Bobby Tables jokes is a bit heavy going.

MotoAsh@piefed.social · 2 days ago
Not entirely (I recall seeing some obscure CVEs some years ago), but it’s a hell of a lot better than what some coders try to get away with.