On 1/11/2017 12:49 AM, Guyren Howe wrote:
> would prevent an SQL injection from wrecking havoc.
sql injection is quite easy to avoid. always make parameterized
queries, never use client supplied data to assemble a query with string
concatenation.
voila, no injection possible.
--
john r pierce, recycling bits in santa cruz