Oct-12-2022, 06:52 AM
You still need to use parameterised queries because you're probably going to miss things when trying to implement the sanitisation yourself. The libraries have been written by people who are experienced and are used widely, so will have been tested quite thoroughly. With security, it's better to rely on trusted software rather than doing it yourself.