In the last episode (Sep 28), Tony Thomas said:
> I've been hearing a bit about SQL injection lately, but the only
> documentation I can find refers to Microsoft or Oracle. Anyone know
> of good articles about injection in MySQL? Prevention? Detection? Is
> MySQL less vulnerable?
I would guess that it depends less on the database used and more on the
ability of the programmer. Use of bind variables or your API's
quoting/escaping functions should completely eliminate the possibly of
injecting SQL. It's basic security.