#SQL Injections

prime osprey

When we use SQL queries, would it be sufficient to use parameterized queries, or do we need to sanitize all the inputs to the queries as well?

crystal zealot

Yes, parameterized queries behave in a similar manner to prepared statements. The parameterized values will be sanitized before executing the query.
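
Added example, not part of either post above: a Python `sqlite3` sketch of the difference the question asks about, with a string-built query beside its parameterized form. It goes one step beyond the thread by also covering a column name, which a placeholder cannot bind; the table, rows, function names and input string are all constructed for illustration.

```python
import sqlite3

ALLOWED_SORT = {"id", "name"}  # allowlist: identifiers cannot be bound as parameters


def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("alice",), ("bob",), ("carol",)])
    return conn


def find_concat(conn, name):
    """Unsafe: the input is spliced into the SQL text and parsed as SQL."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_param(conn, name):
    """Parameterized: the SQL text is fixed and the input is bound as a value."""
    return [row[0] for row in conn.execute(
        "SELECT name FROM users WHERE name = ?", (name,))]


def list_sorted(conn, column):
    """Placeholders bind values only, so a column name is checked against
    an allowlist before it is placed in the statement."""
    if column not in ALLOWED_SORT:
        raise ValueError("unsupported sort column: %r" % column)
    return [row[0] for row in conn.execute(
        "SELECT name FROM users ORDER BY " + column)]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"          # constructed input
    print(find_concat(db, crafted))   # the quote changes the query: every row matches
    print(find_param(db, crafted))    # compared as a literal name: no row matches
    print(list_sorted(db, "name"))
```
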