Updates from June, 2006
Are your apps sufficiently protected against SQL injection? Do you currently validate and sanitize all types (strings, numbers) and methods (forms, cookies, query strings) of user input before using it in a database query? If not, it’s only a matter of time before serious pwnage…
This article is a good primer for newbies and a reminder for gurus…
If you aren’t already using prepared statements, now’s as good a time as any to start:
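To make the point concrete, here is an added example (not from this post or the article it points to) that puts string-built queries next to prepared statements for both a numeric and a string input, using Python's built-in `sqlite3` module. The table, column and function names are hypothetical, and the sample inputs are constructed.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    return db

def by_id_concat(db, raw_id):
    # Vulnerable 'before': the input becomes part of the SQL text.
    # Quote escaping would not help here, a numeric context has no quotes.
    return sorted(r[0] for r in db.execute(
        "SELECT name FROM users WHERE id = " + raw_id))

def by_name_concat(db, raw_name):
    # Vulnerable 'before': a quote in the input ends the string literal.
    return sorted(r[0] for r in db.execute(
        "SELECT name FROM users WHERE name = '" + raw_name + "'"))

def by_id_prepared(db, raw_id):
    # Validate the type first, then bind the value to a placeholder.
    try:
        user_id = int(raw_id)
    except (TypeError, ValueError):
        return []
    return sorted(r[0] for r in db.execute(
        "SELECT name FROM users WHERE id = ?", (user_id,)))

def by_name_prepared(db, raw_name):
    # The bound value is only ever compared as data, never parsed as SQL.
    return sorted(r[0] for r in db.execute(
        "SELECT name FROM users WHERE name = ?", (raw_name,)))

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs, as they might arrive from a form, cookie or query string.
    for raw in ("1", "1 OR 1=1"):
        print(repr(raw), by_id_concat(db, raw), by_id_prepared(db, raw))
    for raw in ("bob", "x' OR '1'='1"):
        print(repr(raw), by_name_concat(db, raw), by_name_prepared(db, raw))
```

With the concatenated versions the crafted inputs return every row; with the prepared versions they return nothing, while legitimate inputs behave the same in both.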