
Luckily you can use parameterized queries and completely avoid this problem.


Only for simple queries. E.g. it's hard to parameterize table names.

Also, it makes an extra round-trip to the server to prepare the query.
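An added example, not part of either comment above: the usual way to handle the table-name case raised in the reply is to check the identifier against a fixed allowlist and bind only the values. It uses Python's `sqlite3` module; the table names, columns and helper functions are constructed for illustration.

```python
import sqlite3

# Constructed allowlist (hypothetical schema): table name -> selectable columns.
ALLOWED_TABLES = {"users": ("id", "name"), "orders": ("id", "item")}


def quote_ident(name):
    """Quote an SQL identifier the standard way: wrap in double quotes, double any inside."""
    return '"' + name.replace('"', '""') + '"'


def fetch_by_id(conn, table, row_id):
    """Select one row by id; the table comes from the allowlist, the value is bound."""
    if table not in ALLOWED_TABLES:
        raise ValueError(f"table not allowed: {table!r}")
    cols = ", ".join(quote_ident(c) for c in ALLOWED_TABLES[table])
    # Only allowlisted, quoted identifiers reach the SQL text; row_id never does.
    sql = f"SELECT {cols} FROM {quote_ident(table)} WHERE id = ?"
    return conn.execute(sql, (row_id,)).fetchall()


def placeholder_as_table_fails(conn):
    """Show that a bind placeholder cannot stand in for a table name."""
    try:
        conn.execute("SELECT * FROM ? WHERE id = ?", ("users", 1))
    except sqlite3.OperationalError:
        return True
    return False


def make_demo_db():
    """Build a small in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT);"
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, item TEXT);"
        "INSERT INTO users VALUES (1, 'alice'), (2, 'bob');"
        "INSERT INTO orders VALUES (1, 'widget');"
    )
    return conn


if __name__ == "__main__":
    db = make_demo_db()
    print(fetch_by_id(db, "users", 1))
    print(placeholder_as_table_fails(db))
```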



