DEV Community

Discussion on: Frameworks are Powerful and Awesome and Frightening

TJ Johnson

Quick story from when I was a beginner:

I was discussing my project with a security team member, when he said "Make sure your code isn't vulnerable to SQL injection." I kind of freaked out, but I later found out by reading the docs that all of my queries were automatically being escaped, and that's because I was using the framework's Query API.

If you can use a framework, there's more power to you, but there will be times when you have to know what's happening underneath.