Suchergebnisse mit Tag „injection“
SQL has some drawbacks, the worst one might be the SQL injection chance. There are many ways to avoid them but few of them are really working, one of them is using bind values by replacing all values by ? and passing the real values at execution time.
Order your checks
Doing many checks may slow down a program, but sorting the tests may improve your program's speed a lot at a very low cost.
SQL injections are well-known and could easily be used against against most PHP scripts, but there is a much easier injection leak in many Perl scripts: Regular Expression injection.