Comment by joseda-hg
2 days ago
NULL might be interpreted if you interpolate your strings directly to SQL instead of using parameters (Drilled into me in 1st year that you should avoid it like the plague, but for some reason surprisigly common in older systems I've encountered)
string name = null; $"INSERT INTO users (name) VALUES ('{name}')";
Basically an involuntary SQL Injection
No comments yet
Contribute on Hacker News ↗