← Back to context

Comment by vultour

11 hours ago

The link talks about more than just SQL injection. SQL injection can be fully mitigated using prepared statements. They were the solution 15 years ago when I was getting started with PHP in high school and it's still applicable today. The fact that SQL injection remains an issue speaks volumes about the general quality of software engineers.

SQL Injection isn't even a problem of SQL, it's a problem of the applications those databases are connected to.