Hacker News new | past | comments | ask | show | jobs | submit login

In this case the sql function can not escape the id. If you were to use a tagged template, it could.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: