javascript sql database security sql-injection

Can we protect against SQL-injection by writing JavaScript code correctly? How?


I am trying to understand a bit more of the security implications of SQL injection and was unsure about this, and I can't find anything useful on the web.

Can we protect against SQL-injection by writing JavaScript code correctly? How?

Cheers


Solution

  • Never try and prevent SQL injection solely by JavaScript. What happens if I turn JavaScript off? Your validation fails instantly. What happens if I modify your JS and remove the keywords you are preventing me from injecting?

    Always validate it against the server.
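The point made in the answer above, as an added example that is not part of the original post: a browser-side keyword filter never runs when a request is sent directly, so the server has to validate the input and bind it as a parameter. All function names, the `users` table, the 64-character limit and the request body are constructed for illustration; `$1` is the placeholder style used by PostgreSQL drivers such as node-postgres.

```javascript
// Added illustration; clientSideFilter, handleLookup and the users table are hypothetical.

// Browser-side check of the kind the question imagines. It only runs if the
// client chooses to run it, so the server must treat it as absent.
function clientSideFilter(input) {
  return !/('|--|;|\b(or|union|select|drop)\b)/i.test(input);
}

// UNSAFE: input is spliced into the SQL text, so it can change the statement.
function buildConcatenatedQuery(username) {
  return { text: "SELECT id FROM users WHERE name = '" + username + "'", values: [] };
}

// SAFE: the SQL text is a constant; the input travels separately as a bound
// value and is never parsed as SQL by the database.
function buildParameterizedQuery(username) {
  return { text: "SELECT id FROM users WHERE name = $1", values: [username] };
}

// Server-side handler: validates on the server, then binds the value.
// `body` is whatever arrived over HTTP, whether or not any browser JS ran.
function handleLookup(body) {
  const username = body && body.username;
  // Assumed policy for this example: non-empty string of at most 64 characters.
  if (typeof username !== "string" || username.length === 0 || username.length > 64) {
    return { status: 400, query: null };
  }
  return { status: 200, query: buildParameterizedQuery(username) };
}

// Constructed request body, as it would arrive with JavaScript disabled or edited.
const crafted = { username: "x' OR '1'='1" };

// The filter would have rejected this value, but the server cannot know it ran.
console.log("client filter verdict:", clientSideFilter(crafted.username));
// Concatenation lets the value rewrite the WHERE clause.
console.log("concatenated:", buildConcatenatedQuery(crafted.username).text);
// Parameter binding keeps the statement fixed and the value as plain data.
console.log("parameterized:", JSON.stringify(handleLookup(crafted).query));
```

With a real driver, the `text` and `values` pair returned by `buildParameterizedQuery` is what gets passed to the query call, so the statement sent to the database is identical for every username.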