• Semi-Hemi-Demigod
    link
    fedilink
    1711 months ago

    They might be doing it in the DB query, but they’re definitely not sanitized beforehand.

    • @CrayonRosary
      link
      211 months ago

      Sanitization has nothing to do with salting and hashing.

      • Semi-Hemi-Demigod
        link
        fedilink
        211 months ago

        If you do the salting and hashing in a database query you need to sanitize the input before you use it or you open yourself to SQL injection.

        Databases have salting and hashing functions, after all