Quote
... is the following AI generated code secure?
Define "secure".
It's not
bad, by any means.
Most importantly, it uses
Parameters to pass values into the SQL, instead of building up a
string that
just happens to contain something meaningful to your DBMS.
It
has assumed that jobnumber is a string Data Type rather than a numeric one, but that
might be right and it's probably the safest choice.
Presumably jobnumber is [uniquely] indexed on that table, so it will perform well.
Quote
I most likely would not have used this ...
Just curious, but what would you have used instead?
You are quite right to "distrust" generated code, but then you really should take the same attitude to
anything that you find on The Web, even if it's put together by a "Real Person". Never cut-and-paste. Always take the time to
understand what it's doing and then take just the bits that you actually need or interpret it so that it meets your needs.
Regards, Phill W.