
> "queries parameterized/precompiled and inputs escaped"

Yep. That's exactly what I was talking about. You know that's what prepared statements do, right?




Yes, I know, and I use them in raw queries.



