SQL injection attacks are one of the most common web application security threats and one of the easiest to prevent. Attackers will surely test your web application for this vulnerability, so you must take steps to ensure that this security hole is plugged, and plugged fast!
SQL injection attacks are made possible by allowing strings containing unescaped single or double quotes to be included in your database's SQL call. An attacker can do this very easily by including a partial SQL...