Everyday we stray further from industry standards
[image]
Posted by @youTellMe to Programmer Humor • 3 months ago
@surewhynotlem • 2 months ago
If that’s a pass through, that’s bad. If that’s used for authentication, authorization, credential limiting, or rate limiting, then sure.
@[email protected] • 2 months ago
There is no context in this world validating this level of unsanitized SQL. Even for internal use this is bad, since it bypasses the auth of server and dbms.
That is a very good point.