Problem
SQL injection is a basic attack used either to gain unauthorized access to a database or to retrieve information directly from the database.
a) Do you agree or disagree that this is due to a flaw in web application and is not a database or web-server issue?
b) Share your thoughts and analysis of the experience and how it affects your ideas and possible practice in future.