I got from my previous post, a lot of great feedback. so I have updated the code from that.
I use the same database, but as +Niklas Collin rightful said: "... those queries are vulnerable to SQL injection and are thus useless in any real code. Would have rather liked to see a prepared statement example...". So I have made a Prepared Statement and a Stored Procedure function to insert the data with.
Now the code look a lot prettier thanks to the comment from +Justin Fagnani and +Seth Ladd about futures, and as far as I know, it shouldn't be vulnerable to SQL injection any more.
No comments:
Post a Comment