|
|
|
|
|
|
by bbotond
4956 days ago
|
|
|
Very true. It amazes me that in 2012, the code in 8 out of 10 PHP/MySQL questions on StackOverflow is still vulnerable to SQL injection. Sometimes people post code that is running on real, production web sites that handle credit card data. They even give you the URL. It's super easy to crack any of them - hell, you can see exactly what you have to do in the ugly 500-line monstrosity they posted. Any resource that is dedicated to education and teaches web development should take SQL injection very seriously. There is no excuse for not doing so. |
|
|