1.2 How Can SQL Injection Happen? |
||||||||||||||||
Let us review some classic vulnerabilities in SQL code that can be exploited by using SQL injection.
To immunize your code against SQL injection attacks, you must use bind arguments (either automatically with static SQL, or explicitly with dynamic SQL), or validate and sanitize all input concatenated to dynamic SQL.
|