Is it dangerous to let the user input into a LIKE sql statement
Assuming I want to implemante a search engine, is it dangerous to let the user into a LIKE. For example :
SELECT user FROM table WHERE user LIKE “[user input]”
In this case, I assume user will be allowed to type characters … Continue reading Is it dangerous to let the user input into a LIKE sql statement