Custom finders and SQL Injections on October 21, 2011 Get link Facebook Twitter Pinterest Email Other Apps Everyone writes bad code. The most awful and potentially very dangerous ones that cannot just cannot sit in the commit-able code are the badly written raw SQL queries or even your API code that can give leeway to SQL Injections or SQLi.