Hi,
Would it be possible to add support for prepared SQL statements to allow safe parameter binding in the relevant database steps, e.g. import and database command?
We currently use a large number of stored procedures and user-defined functions across our systems which need to take unsanitized data as string input. I understand that while we can insert parameter values directly into a query within EasyMorph, it is directly interpolated and the value is inserted verbatim rather than being bound to a positional or named placeholder. This of course could present an opportunity for an injection attack which we'd like to avoid.
Thanks!
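
The difference described above between verbatim interpolation and bound placeholders, as an added example that is not part of the original post and is not EasyMorph code. It uses Python's `sqlite3` module as a stand-in database; the table, the `clean_name` function and both input strings are constructed for illustration.

```python
import sqlite3

# Constructed inputs: one legitimate name with a quote, one hostile string.
QUOTED = "O'Brien"
HOSTILE = "x' OR '1'='1"

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO customers (name) VALUES (?)",
                     [("Alice",), ("Bob",), (QUOTED,)])
    # Hypothetical stand-in for a user-defined function taking string input.
    conn.create_function("clean_name", 1, lambda s: s.strip().upper())
    return conn

def lookup_interpolated(conn, name):
    # The value is pasted into the SQL text, so the parser reads it as SQL.
    sql = "SELECT name FROM customers WHERE name = '%s' ORDER BY id" % name
    return [row[0] for row in conn.execute(sql)]

def lookup_positional(conn, name):
    # Positional placeholder: the value travels separately from the SQL text.
    sql = "SELECT name FROM customers WHERE name = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (name,))]

def lookup_named(conn, name):
    # Named placeholder, with the value also passed through the function.
    sql = ("SELECT name FROM customers "
           "WHERE clean_name(name) = clean_name(:n) ORDER BY id")
    return [row[0] for row in conn.execute(sql, {"n": name})]

if __name__ == "__main__":
    conn = make_db()
    for value in (QUOTED, HOSTILE):
        for fn in (lookup_interpolated, lookup_positional, lookup_named):
            try:
                print(fn.__name__, repr(value), fn(conn, value))
            except sqlite3.OperationalError as exc:
                print(fn.__name__, repr(value), "SQL error:", exc)
```

With interpolation, the legitimate quoted name breaks the statement and the hostile string changes which rows match; with either placeholder style both values are compared as plain data.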