Tips and tricks to keep things secure, and things to look out for. SQL Injection is a popular topic these days.
One of the things that troubles me most about SQL Injection is that it seems it is still very misunderstood.
For example, is the following pseudo-code vulnerable to SQL Injection?
Most of these are really basic. Some are my take on established ideas and standards, and may be controversial. Agree or disagree? All feedback is welcome! (well ... mostly the "I agree, you're a genius" feedback is welcome ... but I'll accept all of it, I suppose)