Here are two more great blog entries about preventing SQL Injection Attacks
- First, Bertrand Le Roy gives some excellent advice about how to spot potential sites for injection attacks and how to get yourself out of that mess: Please, please, please, learn about injection attacks!
- Second, Brian Delahunty points out three PDFs with some good information on injection attacks: SQL Injection
NOTE: This was rescued from the Wayback Machine. The original date was Tuesday, 30th November 2004.
I think one of the problems is that there is too many source code archives and books that called their code “best practices” that are targets for SQL Injection. We will probably still see the code used for years to come.