@theorytoe@kirby is this still even a thing? everythng i've used post-PHP has some form of prepared statement api where you just put ?'s in the query and pass the data as a sidecar
@theorytoe@icedquinn using python sqlite3 for now. that will work fine with ?s and all that so i dont really have to do any manual sanitization, i guess?
@kirby@theorytoe yes there are apis where you put in ? instead of the value, and then provide the value separately. i think postgres even has a specific protocol for this on the wire where the values don't even go in the query string, idk if mysql does
Add comment