SQL injection

基本解釋

This method removes the potential for an SQL injection attack.
這種方法消除了 SQL 注入攻擊的可能性。
Like the SQL injection attack, you can often easily deal with the threat if you follow best practices to develop secure applications.
與 SQL 注入攻擊類(lèi)似，如果使用最佳實(shí)踐開(kāi)發(fā)安全的應(yīng)用程序，通常可以輕松地處理該威脅。
Here is how an SQL injection works: First, assume an SQL statement accepts user-supplied data to look up a team member's contact information from a database without input validation rules.
下面是 SQL 注入的工作方式：首先，假設(shè)一條 SQL 語(yǔ)句接受用戶提供的數(shù)據(jù)，沒(méi)有輸入確認(rèn)規(guī)則就可在數(shù)據(jù)庫(kù)中查找團(tuán)隊(duì)成員的聯(lián)系信息。

It appears that the old SQL Injection hack is still alive and well or at least it seems that way.
FORBES: LulzSec Hackers Finally Explain Themselves
They add that SonyPictures.com was breached using a simple SQL injection technique.
FORBES: LulzSec Hackers Purge SonyPictures.com, Say 1 Million User Accounts Compromised
Yet, the continuing vulnerability of Web-facing applications made SQL injection one of the most common forms of attack against websites at the time.
FORBES: The Hidden IT Security Threat: Multifunction Printers