interesting, the docs example just uses template s...
# prisma-whats-new
t
interesting, the docs example just uses template string interpolation for adding user input. i would have assumed graphql variables were recommended in order to sanitize the user input, no? https://www.graph.cool/docs/tutorials/auth/authentication-with-email-and-password-for-react-and-apollo-cu3jah9ech#adjusting-the-signupuser-mutation
a
Yes, graphql variables are definitely the recommended way.
t
thanks. do you know if I need to worry about sanitizing them like I would with SQL injection?
n
where in that tutorial is string interpolation used?
ah found it, instruction 15
👍🏻 1
t
fyi it’s also used in the graphcool-lib source https://github.com/graphcool/graphcool-lib/blob/master/src/index.ts