Comment by lores
3 days ago
You can make a good case to spend time sanitising requests to avoid catastrophic failure, but the "null" problem is one that quickly becomes a lot of work and risk to fix after the fact, for no obvious benefit except what's seen as the pedantry of some nerd, so it gets ranked all the way at the back of the list... until someone named Null comes along, and probably still even then.
I disagree. If your system is failing to correctly type check strings during SQL interpolation, you should probably kill it with fire.
I don't disagree... In most cases, it's not your system, though, it's someone else's.
> You can make a good case to spend time sanitising requests
> In most cases, it's not your system, though
You can’t pick and choose whether you own a system or not when presented with an opposing argument. That’s not how this works.