https://jsokit.com/blog/tags/sql/ Recent content in Sql on JsonKit Blog Hugo en © 2025 JsonKit Sat, 02 May 2026 13:32:23 +0000 https://jsokit.com/blog/posts/from-string-concatenation-to-parameterized-queries-building-a-safe-sql-builder/ Sat, 02 May 2026 13:32:23 +0000 https://jsokit.com/blog/posts/from-string-concatenation-to-parameterized-queries-building-a-safe-sql-builder/ From String Concatenation to Parameterized Queries: Building a Safe SQL Builder During a recent code review, I found this pattern scattered throughout the codebase: const sql = `SELECT * FROM users WHERE id = ${userId}` Convenient? Yes. Secure? Absolutely not. This is a textbook SQL injection vulnerability. If userId comes from user input and someone passes ' OR '1'='1, your entire users table is compromised. I decided to build a SQL query builder tool that generates common queries quickly while avoiding the security pitfalls of manual SQL writing. https://jsokit.com/blog/posts/building-docker-compose-configs-from-scratch-engineering-practices-for-service-orchestration/ Mon, 09 Feb 2026 19:15:54 +0000 https://jsokit.com/blog/posts/building-docker-compose-configs-from-scratch-engineering-practices-for-service-orchestration/ Building Docker Compose Configs from Scratch: Engineering Practices for Service Orchestration Recently deployed a full-stack project requiring Nginx + Node.js + MySQL + Redis working together. Hand-writing docker-compose.yml revealed how easy it is to mess up port mappings, volume mounts, environment variables, and service dependencies. So I built a generator and revisited Docker Compose core concepts. Core Technology of YAML Generation Docker Compose configuration is essentially YAML-formatted service orchestration. The core data structure: