Not too long ago, I blogged about the importance of getting developers to code parametrized queries instead of using literal values in SQL queries. In this post I urged every DBA to forward an article that talked about SQL injection attacks to their developers. Well, it would not have helped any to send this article to a Ruby on Rails developer because Ruby on Rails does not support parametrized queries. I should say “did not support till today”. Today IBM delivered version 2.0 of the Rails adapter for DB2 and the key feature of this new version is support for parametrized [...]




