Help keep the world safe from SQL injection

A while back, I put up []( as a repository for showing people the right way to handle external data in their SQL calls. Whenever someone pops up on a mailing list or IRC and they’re building SQL statements using external tainted data, you can just refer them to the site.
In the past few days, I’ve spiffed up the site (with design help from [Jeana Clark]( and added pages on [Perl]( and [PHP]( I need more examples, though. It’s 2010, and there’s no reason anyone shouldn’t know about parameterized SQL calls.
The site source is [hosted on github](, so if you have any contributions, please fork it and let me know about your applied changes, or you can email me directly.
P.S. In the next few days, I hope to fire up some redesign on [](, too.

Perlbuzz news roundup for 2010-02-01

These links are collected from the
Perlbuzz Twitter feed.
If you have suggestions for news bits, please mail me at