> > I don't see how any legitimate programmer could claim to be unaware of > such an issue; it's a core concept about how programming works. They > may as well be confused that comments don't compile. >
Of the hundred plus developers I have worked with over the years, most would stare at you blankly if you mentioned sql injection. Just the other day I had to go to great lengths to explain it to some pretty experienced developers. Craig.
