School: Did you really name your son Robert'); Drop Table Students;--? Mom: Oh. Yes. Little Bobby Tables we call him School: Well, we've lost this year's student records. I hope your happy. Mom: and I hope you've learned to sanitize your database inputs. HAHAHA! Sweet. To be fair, you shouldn't sanitize user input, you should validate it. update 10/11/07: Someone posted this to the webappsec mailing list. And you thought O'Hare was a bad name... |