gobuffalo / pop

A Tasty Treat For All Your Database Needs
MIT License
1.44k stars 241 forks

escape sql in sqlbuilder buildOrderClauses #116

Open u007 opened 6 years ago

u007 commented 6 years ago

Hi, I realize it's potentially harmful if we do not escape potential SQL injection in here.

Mind if I add it in?

sio4 commented 2 years ago

Unlike WHERE, ORDER will not take an argument supplied by external users, so the possibility of injection is very low. However, checking them for SQL injection could be an important task.
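Added example, not part of the thread and not pop's own code: one way to check an order string before it is concatenated into a query, for the case where it does come from a request. The helper name `SafeOrderClause`, the allowlist map, and the sample inputs are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// SafeOrderClause is a hypothetical helper, not part of pop. ORDER BY terms
// cannot be bound as placeholders, so each term is checked against an
// allowlist and only strings taken from that allowlist reach the SQL text.
func SafeOrderClause(raw string, allowed map[string]string) (string, error) {
	var parts []string
	for _, term := range strings.Split(raw, ",") {
		fields := strings.Fields(term)
		// A term is "<column>" or "<column> <direction>", nothing else.
		if len(fields) == 0 || len(fields) > 2 {
			return "", fmt.Errorf("invalid order term %q", term)
		}
		col, ok := allowed[strings.ToLower(fields[0])]
		if !ok {
			return "", fmt.Errorf("column %q not allowed in ORDER BY", fields[0])
		}
		dir := "ASC"
		if len(fields) == 2 {
			dir = strings.ToUpper(fields[1])
			if dir != "ASC" && dir != "DESC" {
				return "", fmt.Errorf("invalid sort direction %q", fields[1])
			}
		}
		parts = append(parts, col+" "+dir)
	}
	return strings.Join(parts, ", "), nil
}

func main() {
	// Constructed allowlist: request key -> column expression written by the developer.
	allowed := map[string]string{"name": "users.name", "created": "users.created_at"}
	// Constructed inputs: one valid, two that must be rejected.
	for _, in := range []string{"name desc, created", "name; DROP TABLE users", "(select 1)"} {
		clause, err := SafeOrderClause(in, allowed)
		fmt.Printf("%q -> %q, err=%v\n", in, clause, err)
	}
}
```

Because the returned clause is assembled only from allowlist values and the two fixed direction keywords, no character of the caller's input is copied into the SQL text.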