SQL Injection Myths and Fallacies

Bill Karwin

Tuesday 18 October 2011 from 14:45 to 21:42

Talk in English - UK at ZendCon 2011
View Slides: http://www.slideshare.net/billkarwin/sql-injection-myths-and-fallacies
Short URL: https://joind.in/talk/7624b (QR-Code (opens in new window))

Avg. Rating

SQL Injection Myths and Fallacies

Comments

Comments are closed.

Evan Kaufman at 15:38 on 18 Oct 2011

Very detailed & well thought out discussion. Bill spoke very competently, especially in answering questions from the audience. Definitely a talk worth attending.

Chris Hartjes at 09:40 on 19 Oct 2011

Learned two new things: the Elvis operator ?: and the use of whitelist mappings to help prevent injection of arbitrary strings.

Very rare to find a DBA who also has an extensive web-based programming background like Bill.

Jake Smith at 08:42 on 20 Oct 2011

Bill Karwin knocked it out of the park like always. Great code examples and format for his presentation.

Anonymous at 09:58 on 24 Oct 2011

Great talk with good examples. Not only examples of what was wrong but what to do to fix it.