ya because the person who developed this is totally trustworthy to fully fix it and assess any other possible vulnerabilities. he definitely isn't gonna just add a front end validation to throw a message on the front end when you submit a single quote...