The main difference between no-code and low-code applications is that you can easily extend low-code applications by adding your own code. This gives you both power and responsibility, and we are going to talk about some typical mistakes people make while adding their own code.
Let me show you an example of the code one of our clients was using in the BeforeLogin event:
$rs = DB::Query("select * from users where username like '".$username."'");
$data = $rs->fetchAssoc();
...
Can you tell what is wrong here? If not, keep reading.
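The snippet above builds the SQL text from `$username`, so the input can change the statement itself. The following is an added example, not code from the original post or the client's project: it reproduces the concatenation pattern next to a bound-parameter version, using PDO with an in-memory SQLite database in place of the page's `DB::Query` (the table contents, function names and sample inputs are constructed for illustration).

```php
<?php
// Added example: constructed data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (username TEXT PRIMARY KEY, role TEXT)");
$pdo->exec("INSERT INTO users VALUES ('alice', 'admin'), ('o''brien', 'user')");

// Pattern from the page: the input becomes part of the SQL text.
// (Hypothetical helper name; the query string mirrors the page's snippet.)
function lookupConcatenated(PDO $pdo, string $username): string
{
    $sql = "select * from users where username like '" . $username . "'";
    try {
        $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
        return $row ? "matched {$row['username']}" : 'no match';
    } catch (PDOException $e) {
        // A quote in the input ended the string literal early.
        return 'SQL error: input altered the statement';
    }
}

// Hardened form: the statement text is fixed and the value is bound
// separately. '=' replaces LIKE so '%' and '_' in the input are compared
// literally instead of acting as wildcards.
function lookupBound(PDO $pdo, string $username): string
{
    $stmt = $pdo->prepare('SELECT username, role FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? "matched {$row['username']}" : 'no match';
}

// Constructed inputs: a plain name, a name containing a quote, a wildcard.
foreach (["alice", "o'brien", "%"] as $input) {
    printf(
        "%-10s concatenated: %-40s bound: %s\n",
        "[$input]",
        lookupConcatenated($pdo, $input),
        lookupBound($pdo, $input)
    );
}
```

A legitimate name containing a quote already breaks the concatenated query, and because the original uses `like`, a wildcard in the username field matches rows the user never named; binding alone does not change that, which is why the hardened version compares with `=`.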