SQL Injection

by Miguel de Icaza

Scott has an interesting post detailing the risks of SQL injection.

I made that mistake myself when I wrote the contributions web service for Monodoc. Until a few months ago, our Monodoc service had this very problem. Pablo Orduña contacted me off-line and even provided fixes to our web service to fix the issue. Highly recommended reading for anyone writing web apps.

Posted on 02 Oct 2006