by koi 4716 days ago
Not sure how that happened, it's a CakePHP site and I assumed the framework provided some protection against SQL injection. It's good it's hacked now so I know to fix it.
2 comments

> I assumed the framework provided some protection against SQL injection.

Some frameworks consider security out of the box to be beneath them. You should never assume you're secure even with a framework until you've gone combing through the docs and found where the security is, if it's anywhere, and if it's not anywhere because they spent all their effort on making it look and act like Ruby on Rails, how to get it.

Stop making websites and start reading about web app security; the OWASP Top 10 is a good place to start.