In this sample lets validate a real sql injection - use a popular DB framework - make this VERY lightweight nothing fancy - just needs to highlight calling an execute query without parameterization ...

I enabled the Developer extension and asked goose to make a suggestion to convert a hexo blog to a hugo blog.