Apr-05-2020, 05:52 PM
(Apr-05-2020, 02:21 PM)ndc85430 Wrote: You should never be building queries by concatenating strings (the term to look up is "SQL injection"). Instead, you should be using the right placeholder character (which is apparently ?, according to the documentation.
thanks for making me aware,
i know what SQL injection is, but dont know the methods to avoid it as i am learning to program at the moment
it wasn't necesary for me to dive deeper into this as the application will only be available local and is not intended to be published on the web
with this comment I learned again something, thanks