? in SQL statements
The "?" in SQL statements is supposed to be used for values and not the rest of the SQL statement.
See bobby-tables.com: A guide to preventing SQL injection
The "?" in SQL statements is supposed to be used for values and not the rest of the SQL statement.
See bobby-tables.com: A guide to preventing SQL injection