Replaced the code examples for `set()` to show that the value parameter is not escaped and thus could pose an SQL injection vulnerability.