🕸Fergus Duniho wrote on Tue, Apr 24, 2018 03:25 PM UTC:
No, wait. Since the unpaired tail argument for table_row() and table_rows() is appended as is, this can be used for SQL injection. Therefore, this value should never be determined by user input.
No, wait. Since the unpaired tail argument for table_row() and table_rows() is appended as is, this can be used for SQL injection. Therefore, this value should never be determined by user input.