You're viewing a comment by Marco and its responses.

Marco Permalink
March 11, 2016, 10:20

You don't need an ORM to avoid SQL injections. All you need is to encode the query params. And then? That's it.

The advantage of an ORM is *just* to make it look like a bad OOP language. Everybody should know that SQL != OOP. Each technology needs to be used appropriately.

ORM and efficiency should never be used in the same sentence.

Comment Responses

Christoph Permalink
March 11, 2016, 10:45

Obviously you never came across the concept of being platform independant..

bro Permalink
March 24, 2016, 13:15

Can you please elaborate, like, how is SQL platform dependent and ORM is not. I don't understand where you are pointing with your sentence.

Reply To This Comment

(why do I need your e-mail?)

(Your twitter handle, if you have one.)

Type the word "lcd_508": (just to make sure you're a human)

Please preview the comment before submitting to make sure it's OK.