Archive | Uncategorized RSS feed for this section

Avoiding SQL injections using stored procedures and access privileges

8 Feb

In the previous article I showed that the only way to be sure no one messes with your query is to use prepared statements because the statement is precompiled and not alterable afterwards. For people who don’t like to use prepared statements due to the added complexity, or people who worry about the overhead of prepared statements for one time queries there is another solution: stored procedures.

Continue reading

Advertisements