|
From: | Emanuel Berg |
Subject: | Re: Emacs Modular Configuration: the preferable way. |
Date: | Tue, 22 Jun 2021 02:33:39 +0200 |
User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/28.0.50 (gnu/linux) |
Jean Louis wrote: >>> The language itself has evolved a lot since its beginnings >>> (to the better, IMO). But you still see extremely bad >>> habits "out there" which wouldn't be necessary these days >>> -- because, well, they are "out there" (for example: >>> assebling SQL queries with sprintf [1]). They take a life >>> of their own :-) >> >> If it is string to begin with and the end result is >> a string one should be able to use string functions to >> "assemble" it. > > I am thinking how can I make it safer for SQL queries. SQL injection isn't avoided by not assembling queries with string functions but by quoting user input. -- underground experts united https://dataswamp.org/~incal
[Prev in Thread] | Current Thread | [Next in Thread] |