Concern about potential SQL injection in Plasmic tables

Sorry if dumb question but do I need to be concerned with SQL injection for tables and data-queries in plasmic? i.e. if I write code Select * from table where column1 = DynamicInputField

If someone changes that dynamic input field to SQL code is that a potential problem?

Hi, that’s not a dumb question at all, it’s actually a pretty valid question, it’s good to have those concerns when you are building your application. When doing dynamic queries we use a parameterized query to populate the dynamic values, so you don’t need to worry about sql injection, you can see the code for this in and information about parameterized queries in