Custom finders and SQL Injections on October 21, 2011 Get link Facebook X Pinterest Email Other Apps Everyone writes bad code. The most awful and potentially very dangerous ones that cannot just cannot sit in the commit-able code are the badly written raw SQL queries or even your API code that can give leeway to SQL Injections or SQLi.