You're replying to a comment by Marco.

Marco Permalink
March 11, 2016, 10:20

You don't need an ORM to avoid SQL injections. All you need is to encode the query params. And then? That's it.

The advantage of an ORM is *just* to make it look like a bad OOP language. Everybody should know that SQL != OOP. Each technology needs to be used appropriately.

ORM and efficiency should never be used in the same sentence.

Reply To This Comment

(why do I need your e-mail?)

(Your twitter handle, if you have one.)

Type the word "apple_508": (just to make sure you're a human)

Please preview the comment before submitting to make sure it's OK.