CVS style
Posted by themaninblack@lemmy.world to memes@lemmy.world · 4 months ago (image post, 118 comments)
ryannathans@aussie.zone · 4 months ago:
Parameterisation entirely solves the problem without needing to sanitise the string

MotoAsh@piefed.social · 4 months ago:
Not entirely (I recall seeing some obscure CVEs some years ago), but it’s a hell of a lot better than what some coders try to get away with.

PhobosAnomaly@feddit.uk · 4 months ago:
I don’t disagree, but throwing out the concept of prepared statements and parameterisation to someone who has asked for an explanation of the Bobby Tables jokes is a bit heavy going.
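The point made in the exchange above, that a parameterised query needs no quote-escaping of the input, shown as an added example that is not part of the thread. It uses Python's standard sqlite3 module with a constructed in-memory table; the hostile input, the Bobby Tables name and the helper names are assumptions for the demonstration.

```python
import sqlite3

# Constructed sample data, not taken from the thread.
STUDENTS = ["Alice", "Bob"]
BOBBY = "Robert'); DROP TABLE students;--"   # the xkcd name the meme refers to


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE students (name TEXT)")
    conn.executemany("INSERT INTO students VALUES (?)", [(n,) for n in STUDENTS])
    return conn


def remaining(conn):
    return [row[0] for row in conn.execute("SELECT name FROM students ORDER BY name")]


def delete_student_unsafe(conn, name):
    # Vulnerable: the input is spliced into the SQL text, so quotes and
    # operators inside it are parsed as SQL rather than compared as data.
    conn.execute(f"DELETE FROM students WHERE name = '{name}'")


def delete_student_safe(conn, name):
    # Parameterised: the SQL text is fixed and the value is bound separately,
    # so whatever characters it contains, it can only ever be a string literal.
    conn.execute("DELETE FROM students WHERE name = ?", (name,))


def add_student_safe(conn, name):
    conn.execute("INSERT INTO students VALUES (?)", (name,))


def run_delete(delete_fn, name):
    conn = fresh_db()
    delete_fn(conn, name)
    return remaining(conn)


def run_add_bobby():
    # Bobby's full name, quotes and semicolon included, is stored verbatim.
    conn = fresh_db()
    add_student_safe(conn, BOBBY)
    return remaining(conn)


if __name__ == "__main__":
    hostile = "nobody' OR '1'='1"
    print(run_delete(delete_student_unsafe, hostile))  # [] : the tautology deleted every row
    print(run_delete(delete_student_safe, hostile))    # ['Alice', 'Bob'] : nothing matched
    print(run_add_bobby())                             # ['Alice', 'Bob', "Robert'); DROP TABLE students;--"]
```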