Eliminating a Class of Defects
Imagine the following line of PHP code: $db->GetRow("SELECT * FROM users WHERE id = $user_id"); This line is vulnerable to SQL injection, if an attacker »
Imagine the following line of PHP code: $db->GetRow("SELECT * FROM users WHERE id = $user_id"); This line is vulnerable to SQL injection, if an attacker »