In this chapter, I’ll cover how to safely store data, focusing mostly on writing to and from databases. About half of this chapter should be unnecessary – effective techniques to prevent SQL injection attacks have been known and available for decades, but somehow SQL injection vulnerabilities still crop up in real-world websites. This may well be because too few developers understand what SQL injection is and how it occurs – which would explain the high number of blog posts out there demonstrating data access that are, in fact, vulnerable to attacks. Therefore, I’d be remiss if ...