12
Rossko
8y

In one big project I made in the past (when I was a new developer), every AJAX call executed code which looked like: dbquery("SELECT * FROM table WHERE something='".$_POST['value']."'");

That project doesn't exist now (thank god)

Comments
  • 1
    I suspect most of us have made that mistake starting out. Security tends to be something you pick up later. As long as you were fortunate enough to catch and fix it before it was exploited.