Closed bakert closed 1 week ago
Having some separate code that has to know all the pitfalls seems like a bad idea. No SQL injection possible here but we were failing to escape backslashes.
Now everything uses the same escaping code.
Having some separate code that has to know all the pitfalls seems like a bad idea. No SQL injection possible here but we were failing to escape backslashes.
Now everything uses the same escaping code.