[thelist] Website Hacked?

Chris Anderson Chris at activeide.com
Sat May 24 18:04:31 CDT 2008


> Check your data types (strong typing is critical) before passing on or
> building your SQL!!!

+1!!

You might even want to go further and use variable names that highlight
the fact that they contain unchecked data.
Simply naming variables that hold user-entered data before it has been
checked with an "unchecked" prefix makes them stand out when you assign
or pass them to functions that assume checked data, etc. (and can help find
these problems during code reviews).
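
One way to act on this naming convention during code review, as an added example that is not part of the original post: a small Python check that parses source text and reports where an `unchecked`-prefixed name is passed to a call or assigned to a name that drops the prefix. The `check_` validator prefix, the function names and the sample code are assumptions made for the example.

```python
import ast

TAINT_PREFIX = "unchecked"     # naming convention from the post
VALIDATOR_PREFIX = "check_"    # assumption: validators are named check_*

def _call_name(call):
    func = call.func
    return func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", "<call>")

def _tainted_names(node):
    """Yield unchecked* names under node; nested calls are judged on their own."""
    if isinstance(node, ast.Call):
        return
    if isinstance(node, ast.Name) and node.id.startswith(TAINT_PREFIX):
        yield node.id
    for child in ast.iter_child_nodes(node):
        yield from _tainted_names(child)

def find_unchecked_uses(source):
    """Return sorted (line, sink, variable) tuples where unchecked data is passed
    to a non-validator call or assigned to a name that drops the prefix."""
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and not _call_name(node).startswith(VALIDATOR_PREFIX):
            for arg in list(node.args) + [kw.value for kw in node.keywords]:
                for name in _tainted_names(arg):
                    findings.add((node.lineno, _call_name(node), name))
        elif isinstance(node, ast.Assign):
            drops = [t.id for t in node.targets
                     if isinstance(t, ast.Name) and not t.id.startswith(TAINT_PREFIX)]
            for name in _tainted_names(node.value):
                for target in drops:
                    findings.add((node.lineno, target + " =", name))
    return sorted(findings)

# Constructed sample to review; it is parsed, never executed.
SAMPLE = '''\
unchecked_id = form["id"]
unchecked_name = form["name"]
user_id = check_int(unchecked_id)
cur.execute("SELECT * FROM users WHERE id = ?", (user_id,))
sql = "SELECT * FROM users WHERE name = '" + unchecked_name + "'"
cur.execute("DELETE FROM users WHERE id = " + unchecked_id)
'''

if __name__ == "__main__":
    for line, sink, name in find_unchecked_uses(SAMPLE):
        print(f"line {line}: {name} reaches {sink}")
```

The check is purely name-based, so it only helps where the prefix is applied consistently at every point user input enters the code.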




