I have a dropdown that when the user selects it, he asks for a column of one db. The problem is that I can do SQLinyection with the same options. Next to the dropdown I have a field that also queries the db but it is parametrized, I wanted to know if I could also parameterize the column.
ps: I read many times that no, but a partner in his code showed me that if he was worth and wanted to know what you say, thank you.