Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
auxiliarymoose
71 days ago
|
parent
|
context
|
favorite
| on:
Element: setHTML() method
Communicating with a SQL driver by concatenating strings containing user input and then evaluating it? wat?
I'm very interested in what tech stack you are using where this is a problem.
jfengel
71 days ago
[–]
People do it all the time, on any tech stack that lets you execute command strings. A lot of of early databases didn't even support things like parameterized inserts.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
I'm very interested in what tech stack you are using where this is a problem.