is there any way i can inject this query
$sql = "INSERT INTO CONTACT Values(\'$msg\')";
to be specific i want to inject a procedure or