Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Exactly. I'd like to know how to check my personal site and some of our sites at work to see if they are vulnerable or not.


Do they use prepared statements? If not, they are almost certainly vulnerable.


Look I am not trying to start a flamewar here, but if his code is developed without knowledge of sql injections then they are almost certainly vulnerable.

It is almost impossible to fuck up prepared statements, so although they take longer to write it is a good way to secure a website.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: