If you don't understand it what have you implemented? It's way better than you've got five minutes because this guy Billy has posted the solution on his vanity site.
All you have to do is google for something like how do I get data from DBMS X with language Y. 75% + will be a sql injection attack vector.
I stopped trusting that the people posting code on the interweb were competent a long time ago. I don't even trust me far enough to just use it on the assumption that it's both what I need and correctly done.
If your boss has concerns on that front then show proof of diligence, and be thankful that your boss is more competent than most.
Keep Up with TechRepublic