Discussion on: Prevent SQL Injections

Jan van Brügge

No! Never sanitize your input! You will forget edge cases. Use prepared statements and nothing else (ORMs like ActiveRecord use prepared statements under the hood).
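
As an added example (not part of this thread), the comment's point in Python's standard-library sqlite3 module, against a constructed in-memory table: a hand-written quote-escaping "sanitizer" happens to work where the value lands inside a quoted string, but is silently useless where the value lands in a numeric position, because there is nothing to escape there. Binding the value as a query parameter handles both cases without any per-context reasoning. The table, column and function names are assumptions for the demo.

```python
import sqlite3


def make_db():
    """Constructed sample data for the demo (not from the original thread)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (id, name, role) VALUES (?, ?, ?)",
        [(1, "alice", "admin"), (2, "bob", "user"), (3, "O'Brien", "user")],
    )
    return conn


def naive_sanitize(value):
    """Hand-rolled 'sanitizer': doubles single quotes, the SQL string-literal escape.

    This is the kind of helper the comment warns against; it only knows about
    one context (a quoted string literal) and nothing about any other."""
    return str(value).replace("'", "''")


def find_by_name_sanitized(conn, name):
    # Quoted-string context: the quote-doubling sanitizer is sufficient here,
    # which is exactly why such helpers look safe in testing.
    sql = "SELECT name FROM users WHERE name = '%s'" % naive_sanitize(name)
    return [row[0] for row in conn.execute(sql)]


def find_by_id_sanitized(conn, user_id):
    # Numeric context: the value is not inside quotes, so there are no quotes
    # to escape and the sanitizer changes nothing. Whatever text the caller
    # passes becomes part of the SQL. This is the forgotten edge case.
    sql = "SELECT name FROM users WHERE id = %s" % naive_sanitize(user_id)
    return [row[0] for row in conn.execute(sql)]


def find_by_name_prepared(conn, name):
    # Parameter binding: the driver sends the value separately from the SQL
    # text, so quotes inside the value are just data.
    rows = conn.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


def find_by_id_prepared(conn, user_id):
    # Same in the numeric context: a non-numeric string bound to an INTEGER
    # column simply compares unequal, it never becomes SQL.
    rows = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    print(find_by_name_sanitized(db, "O'Brien"))   # sanitizer "works" here
    print(find_by_id_sanitized(db, "2 OR 1=1"))    # sanitizer does nothing here: every row
    print(find_by_name_prepared(db, "O'Brien"))    # bound parameter, quote is data
    print(find_by_id_prepared(db, "2 OR 1=1"))     # bound parameter, no match at all
```

The bound-parameter versions are the ones an ORM such as ActiveRecord generates for you; the sanitizer versions are what a hand-written string concatenation ends up as. If an id is expected to be an integer, converting it with `int()` before binding is a reasonable extra validation step, but it is the binding, not the validation, that keeps the value out of the SQL text.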

crishanks (Author)

Thanks for the feedback! Could be a good note to add the pros and cons of sanitized strings.