How to prevent SQL Injection

Recently, I did a code review on web application that a colleague had developed, and to my horror I discovered that is was wide open to this sort of attack. I might be a bit naive, but I thought that every professional developer knew about this sort of attack – I guess not. Luckily for [...]