klog
SQL break on "
The data needs to be cleaned to prevent SQLi.

FYI, this is the way queries should be built:
QSqlQuery query;
query.prepare("INSERT INTO employee (id, name, salary) "
"VALUES (:id, :name, :salary)");
query.bindValue(":id", 1001);
query.bindValue(":name", "Thad Beaumont");
query.bindValue(":salary", 65000);
query.exec();
Absolutely right. I will start rewriting queries that way. Thanks.
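
Added example (not klog code and not written by either commenter): the failure in the issue title next to the bound-parameter fix, using Python's built-in sqlite3 instead of QSqlQuery so it runs without Qt. The table name, column name and sample values are constructed for illustration; the :comment placeholder plays the same role as :name in the snippet above.

```python
import sqlite3

# Constructed sample values (not from klog): free text a user might type.
SAMPLES = ['plain text', 'mast 5" dia', "O'Neil"]

def new_db():
    """Fresh in-memory database with a hypothetical one-column log table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE log (id INTEGER PRIMARY KEY, comment TEXT)")
    return db

def insert_concatenated(db, comment, quote):
    """Unsafe pattern: the value is pasted into the SQL text between quotes."""
    db.execute("INSERT INTO log (comment) VALUES (" + quote + comment + quote + ")")

def insert_bound(db, comment):
    """Prepared statement: the value is sent separately from the SQL text."""
    db.execute("INSERT INTO log (comment) VALUES (:comment)", {"comment": comment})

def breaks_concatenated(comment, quote):
    """True if the concatenated INSERT is rejected for this value."""
    try:
        insert_concatenated(new_db(), comment, quote)
        return False
    except sqlite3.OperationalError:
        # The quote inside the value ended the literal early.
        return True

def roundtrips_bound(comment):
    """True if the bound INSERT stores the value exactly as given."""
    db = new_db()
    insert_bound(db, comment)
    return db.execute("SELECT comment FROM log").fetchone()[0] == comment

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s),
              "breaks with \" wrapping:", breaks_concatenated(s, '"'),
              "| breaks with ' wrapping:", breaks_concatenated(s, "'"),
              "| bound round-trip:", roundtrips_bound(s))
```

Switching the wrapping quote character only moves the breakage to a different input; binding handles both values without any cleaning step.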