*From: http://www.eweek.com/article2/0,1759,2188714,00.asp
Q: How can sites protect themselves against SQL injection?
A: *The best defense is to design your database-backed Web site properly
to make sure it always separates SQL code and user data. You basically
have a choice between programming tools that are specifically designed
to prevent you from making this kind of mistake and those that allow you
to get into trouble if you're not careful. Roughly speaking, this
corresponds to the difference between the newer Microsoft .Net tools and
their older tools or open source frameworks like PHP.
--
Kenneth Downs
Secure Data Software, Inc.
www.secdat.com www.andromeda-project.org
631-689-7200 Fax: 631-689-0527
cell: 631-379-0010
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
