One of the things that troubles me most about SQL Injection is that it seems it is still very misunderstood.
Is the following pseudo-code vulnerable to SQL Injection?
String SearchTerm = {some user input here, unvalidated and unscrubbed -- uh oh !
Most of these are really basic. Some are my take on established ideas and standards, and may be controversial. Agree or disagree? All feedback is welcome! (Well ... mostly the "I agree, you're a genius" feedback is welcome.)