DEV Community

Discussion on: How to write super-uber-mega secure, sql-injection bullet-proof PostgreSQL queries

vbilopav Author

I do use a binding interface to call a PostgreSQL function "select from select_value(%s);" that encapsulates a query.

This is just a strict security measure as well as encapsulation.
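Added example, not part of vbilopav's comment: one way the pattern described above can be set up so that the application role can only reach the data through the function and a bound parameter. Only the name `select_value` comes from the comment; the schema `app`, table `item_values`, role `app_user` and the function body are assumptions made for illustration.

```sql
-- Added illustration; run as a superuser in a scratch database.
-- Schema, table, role and function body are hypothetical.
CREATE SCHEMA app;

CREATE TABLE app.item_values (
    id    integer PRIMARY KEY,
    value text NOT NULL
);

-- The query lives inside the function as static SQL. The argument is only
-- ever used as a typed value, never concatenated into a statement string.
CREATE FUNCTION app.select_value(_id integer)
RETURNS text
LANGUAGE sql
STABLE
SECURITY DEFINER                       -- runs with the owner's privileges
SET search_path = pg_catalog, pg_temp  -- pin name resolution for a definer function
AS $$
    SELECT v.value FROM app.item_values AS v WHERE v.id = _id;
$$;

-- Functions are executable by PUBLIC by default, so revoke that first.
REVOKE ALL ON FUNCTION app.select_value(integer) FROM PUBLIC;

-- The application role gets no table privileges, only EXECUTE on the function.
CREATE ROLE app_user NOLOGIN;
GRANT USAGE ON SCHEMA app TO app_user;
GRANT EXECUTE ON FUNCTION app.select_value(integer) TO app_user;

-- Server-side equivalent of the driver's bound call "... select_value(%s)":
-- the statement text is fixed and the value travels separately as $1.
PREPARE get_value(integer) AS SELECT * FROM app.select_value($1);

SET ROLE app_user;
EXECUTE get_value(1);              -- goes through the function
SELECT * FROM app.item_values;     -- direct table access is not granted to app_user
RESET ROLE;
```

The encapsulation only holds while the function body stays static SQL; a function that assembles a statement string from its arguments and runs it with `EXECUTE` reintroduces the injection risk inside the database.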