Use of Raw SQLs like the following can be seen throughout the code.
$query = 'SELECT * FROM ' . $config_table;
Raw SQL queries may lead to potential security vulnerabilities. It also lead to database portability issues. You will have to manually add to your own direct SQL queries. Be sure to escape any user input where possible, or else stick to the Magento model methods. For example, by sticking into Magento ways will lead avoiding such vulnerabilities such as SQL Injections.
Use of Raw SQLs like the following can be seen throughout the code.
$query = 'SELECT * FROM ' . $config_table;Raw SQL queries may lead to potential security vulnerabilities. It also lead to database portability issues. You will have to manually add to your own direct SQL queries. Be sure to escape any user input where possible, or else stick to the Magento model methods. For example, by sticking into Magento ways will lead avoiding such vulnerabilities such as SQL Injections.