undefined | Better HN

0 pointstwistedpair10y ago0 comments

As long as you don't want your queries parameterized/precompiled and inputs escaped, rolling your own SQL by hand should work.

0 comments

Do you really think I use non-escaped queries? :) Really funny :) Read about prepared statements.

> "queries parameterized/precompiled and inputs escaped"

Yep. That's exactly what I was talking about. You know that's what prepared statements do, right?

Yes, I know, and I use them in raw queries.

j / k navigate · click thread line to collapse

0 pointstwistedpair10y ago0 comments

As long as you don't want your queries parameterized/precompiled and inputs escaped, rolling your own SQL by hand should work.

Do you really think I use non-escaped queries? :) Really funny :) Read about prepared statements.

> "queries parameterized/precompiled and inputs escaped"

Yep. That's exactly what I was talking about. You know that's what prepared statements do, right?

Yes, I know, and I use them in raw queries.

j / k navigate · click thread line to collapse