11 Oct
2008
11 Oct
'08
5:57 p.m.
apfelmus wrote:
... and a solution to a problem that you souldn't have in the first place. I mean, if you want to construct XML or SQL statements, you ought to use an abstract data type that ensures proper nesting etc. and not a simple string.
Right. And if you have 25 KB of HTML data, you're *really* going to transform all of that into an abstract data type just to avoid injection problems, right?