Reply to Message

Completely inexcusable.

AzuMao 9th Feb 2010

All that's needed to make SQL injection impossible is sanitizing user
input with mysql_real_escape_string (or whatever function does this in
the language you're using).

How can that be to hard for so many professional coders out there?
Wtf?

Reply
Flag

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

A CNET Professional Brand

ZDNet

Log In | Join | Site Assistance | Follow via Twitter Facebook Email

All of ZDNet
Reviews
Downloads

Featured Articles

Top Productivity Apps for the iPad 3

The new iPad is a good tool for getting things done.

Facebook Lockdown: The Definitive Guide

Facebook's privacy and security settings have changed massively.

A power user's guide to Windows 8

Ed Bott reveals small but useful hidden shortcuts, surprises, and secrets.

Love stinks: The worst mergers in tech

Corporate mergers can end in utter disaster.

Services

Popular on CBS sites: US Open | PGA Championship | iPad | Video Game Reviews | Cell Phones

Around the network

ZDNet is available in the following editions:

Special Reports

Windows 8 revealed

The Great Debate

Tech Visualizer

ZDNet 20th Anniversary Special

Holiday Tech Gift Guide

Hot Topics