From: Thomas 'PointedEars' Lahn
Newsgroups: comp.lang.python
Subject: Re: WP-A: A New URL Shortener
Date: Sat, 19 Mar 2016 15:00:28 +0100
Organization: PointedEars Software (PES)
Message-ID: <2334208.C0ktZ5B2k1@PointedEars.de>

Chris Angelico wrote:

> On Fri, Mar 18, 2016 at 10:17 AM, Thomas 'PointedEars' Lahn
> wrote:
>> Daniel Wilcox wrote:
>>> Cool thanks, highly recommended to use an ORM to deter easy SQL
>>> injections.
>>
>> That is to crack a nut with a sledgehammer. SQL injection can be easily
>> and more efficiently prevented with prepared statements. While an
>> Object-Relational Mapper (ORM) can use those, and there are benefits to
>> using an ORM, avoiding SQL injection should not be the primary reason to
>> use an ORM. In fact, using an ORM is often not only overkill, but
>> effectively *reduces* application performance.
>
> You don't even need prepared statements. All you need is parameterized
> queries.

A prepared statement in this context uses a parameterized query.

-- 
PointedEars

Twitter: @PointedEars2
Please do not cc me. / Please, no copies by e-mail.
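
Added example, not part of the original post or of the URL shortener under discussion: the slug lookup written once with string concatenation and once as a parameterized query, using Python's standard sqlite3 module and no ORM. The table layout, function names and sample rows are assumptions constructed for illustration.

```python
import sqlite3

# Constructed input: a slug value that carries SQL syntax.
HOSTILE = "x' OR '1'='1"

def make_db():
    """In-memory table for a hypothetical URL shortener (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE links (slug TEXT PRIMARY KEY, target TEXT, private INTEGER)"
    )
    db.executemany(
        "INSERT INTO links VALUES (?, ?, ?)",
        [("abc", "https://example.com/public", 0),
         ("xyz", "https://example.com/internal", 1)],
    )
    return db

def lookup_concat(db, slug):
    """Vulnerable form: the slug becomes part of the SQL text and is parsed as SQL."""
    sql = ("SELECT target FROM links WHERE private = 0 AND slug = '"
           + slug + "' ORDER BY slug")
    return [row[0] for row in db.execute(sql)]

def lookup_param(db, slug):
    """Parameterized form: the SQL text is constant, the slug is bound as a value.

    sqlite3 compiles (prepares) this statement and binds the value to the
    placeholder, so the value can never change the query's structure.
    """
    sql = "SELECT target FROM links WHERE private = 0 AND slug = ? ORDER BY slug"
    return [row[0] for row in db.execute(sql, (slug,))]

def concat_breaks_on_quote(db):
    """A harmless apostrophe already breaks the concatenated query."""
    try:
        lookup_concat(db, "o'brien")
    except sqlite3.OperationalError:
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    print("concat, normal :", lookup_concat(db, "abc"))
    print("concat, hostile:", lookup_concat(db, HOSTILE))   # private row leaks
    print("param,  hostile:", lookup_param(db, HOSTILE))    # no match
    print("concat fails on apostrophe:", concat_breaks_on_quote(db))
```
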