Hacker News
by pesoneto 631 days ago
Books have been written about SQL Injection. But in the end, SQL Injection just means that you get a different AST than what was intended.

So the simplest, stupid check for injection is to parse the query and see if multiple STMTs are found where only one was intended.

Better checks can easily be imagined.
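
An added illustration of the check described in the comment above (not the commenter's code): a small lexer counts statements and, going one step further, compares the token shape of the query built from the actual value with the shape built from a benign value. The template, table and column names and the sample inputs are constructed for the example, and the lexer is an assumption-level stand-in for a real SQL parser.

```python
import re

# Small SQL lexer for illustration only; it is not a parser for any real dialect.
TOKEN_RE = re.compile(r"""
    (?P<ws>\s+)
  | (?P<comment>--[^\n]*|/\*.*?\*/)
  | (?P<string>'(?:[^']|'')*')
  | (?P<number>\d+(?:\.\d+)?)
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)
  | (?P<op>.)
""", re.VERBOSE | re.DOTALL)

def skeleton(sql):
    """Shape of a query: literals collapsed to '?', keywords/identifiers upper-cased."""
    shape = []
    for m in TOKEN_RE.finditer(sql):
        kind = m.lastgroup
        if kind == "ws":
            continue
        if kind in ("string", "number"):
            shape.append("?")
        elif kind == "comment":
            shape.append("<comment>")
        else:
            shape.append(m.group().upper())
    return shape

def statement_count(sql):
    """Count non-empty statements; a ';' inside a literal or comment does not split."""
    count, pending = 0, False
    for tok in skeleton(sql):
        if tok == ";":
            count += int(pending)
            pending = False
        elif tok != "<comment>":
            pending = True
    return count + int(pending)

def same_shape(template, value, benign="x"):
    """True if splicing `value` gives the same shape as splicing a benign value."""
    return skeleton(template.format(value)) == skeleton(template.format(benign))

# Constructed template and inputs (hypothetical table and column names).
TEMPLATE = "SELECT id FROM users WHERE name = '{}'"
SAMPLES = ["alice", "x' OR '1'='1", "x'; SELECT 1 --", "semi;colon"]

if __name__ == "__main__":
    for value in SAMPLES:
        print(repr(value), statement_count(TEMPLATE.format(value)),
              same_shape(TEMPLATE, value))
```

The statement count alone passes the second sample, which stays a single statement; the shape comparison flags it because the value added tokens outside the literal.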