In addition to protecting against SQL Injection, has anyone here experimented with detecting and recording attempts at injection?
I've been pondering checking strings which come directly from user input for sql keywords (and possibly using regexps to check for potential SQL Syntax fragments), but before I begin, I thought asking would benefit me, if someone with more experience has already tried this...
This might be an interesting social study :-)
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
