[thelist] Website Hacked?

Chris Anderson Chris at activeide.com
Sat May 24 18:04:31 CDT 2008

> Check your data types (strong typing is critical) before passing on or
> building your SQL!!!


You might even want to go further and use variable names that highlight
the fact that it contains unchecked data.
Simply naming variables that hold user-entered data before it has been
checked with a "unchecked" prefix makes them stand out when you assign
pass them to functions that assume checked data, etc (and can help find
these problems during code reviews)

More information about the thelist mailing list