Open u007 opened 6 years ago
Hi, I realize it's potentially harmful if we do not escape potential SQL injection in here.
Mind if I add it in?
Unlike WHERE, ORDER will not take an argument supplied by external users, so the possibility of injection is very low. However, checking them for SQL injection could be an important task.
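The check discussed in this thread, as an added example that is not code from the project or from either poster: column names and sort directions cannot be bound as query parameters, so the ORDER input is validated against an allowlist before it reaches the SQL string. The `users` table, the `SORTABLE` set and the function names are assumptions, and Python with `sqlite3` stands in for the project's own stack.

```python
import re
import sqlite3

# Hypothetical allowlist: the only columns a caller may sort by.
SORTABLE = {"id", "name", "created_at"}
_TERM = re.compile(r"^\s*([A-Za-z_][A-Za-z0-9_]*)(?:\s+(asc|desc))?\s*$", re.IGNORECASE)


def safe_order_by(spec, allowed=SORTABLE):
    """Turn 'name desc, id' into a validated ORDER BY clause.

    Every term must match a strict identifier/direction pattern and name
    an allowlisted column; anything else raises ValueError.
    """
    terms = []
    for raw in spec.split(","):
        m = _TERM.match(raw)
        if not m:
            raise ValueError(f"malformed ORDER term: {raw!r}")
        column, direction = m.group(1).lower(), (m.group(2) or "asc").upper()
        if column not in allowed:
            raise ValueError(f"column not sortable: {column!r}")
        terms.append(f'"{column}" {direction}')
    return "ORDER BY " + ", ".join(terms)


def list_users(conn, order_spec, min_id=0):
    # WHERE values go through placeholders; only the validated clause is interpolated.
    sql = f"SELECT name FROM users WHERE id >= ? {safe_order_by(order_spec)}"
    return [row[0] for row in conn.execute(sql, (min_id,))]


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, created_at TEXT)")
    rows = [(1, "carol", "2020-01-03"), (2, "alice", "2020-01-01"), (3, "bob", "2020-01-02")]
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", rows)  # constructed sample data
    ok = list_users(conn, "name desc")
    try:
        list_users(conn, "name desc; --")  # constructed input with trailing SQL
        rejected = False
    except ValueError:
        rejected = True
    return ok, rejected


if __name__ == "__main__":
    print(demo())
```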