The Best Way to Prevent SQL Injection

Published on Sep 19, 2012 by Jamie Munro

If you use a framework of some sort, you probably haven't thought about SQL injection for some time – in fact, it almost seems dated to even discuss it. However, security should never be overlooked, and it's important not to trust third-party applications and people by default! So what is the best way to prevent SQL injection?

Have you noticed how I haven't specified a specific language? This is done on purpose because, at the end of the day, all languages should be able to follow this paradigm…


Tags: SQL | php | ASP.NET | .net | sql injection | prepared sql | coldfusion | c# | PHP

A Simple But Effective Speed Comparison

Published on Sep 4, 2012 by Jamie Munro

A little while ago, I wrote a simple .NET application that performs X number of requests and calculates an average speed of those requests. It does this by dropping the highest and lowest request times, then taking an average speed of the remaining requests.

This does a decent job for a straight-up speed test. However, a few possibilities could arise, such as CPU hogging, that could skew the results. Instead, I've made a few alterations and converted the speed tester to be based not on the number of requests but on a specific amount of time. This should help eliminate some inconsistencies of doing a straight number of requests.


Tags: Optimization | ASP.NET | timer | speed comparison | .net | Theory