Service Desk Manager - How are SQL injections handled?