Best practices to mitigate SQL injections on forms

Hi,

Are there any best practices when creating forms to mitigate SQL injections?

We can do validation on text fields to make sure certain character strings are not present, but I'm not sure whether that is a best practice, or whether the Appian cloud environment has application firewalls to mitigate this kind of thing.

Any input is appreciated.

Thanks,

Gary

 
