DEV Community

Discussion on: SQL is Insecure

Arve Systad

This is not a problem with SQL, this is a problem with management culture and inexperienced/uneducated developers. While SQL injections are common, similar injections can be done to any data query language if things aren't secured properly.

Shitty software with major flaws can and will be written on any platform or language. Tools (or lack thereof) alone cannot solve this problem.

Tim Kellogg

The glaring problem with SQL in particular is that the simplest, most obvious way to use it is wildly insecure. We have so many tools for using SQL incorrectly, yet we're still hurting actual people because we can't do the tools correctly. At some point, we need to realize the danger and end the problem for good.

Arve Systad

This goes for all programming and data query languages. It just happens that SQL is what queries and manipulates data, and not fades in a textbox in your browser, so the severity of bad design is potentially far worse. IMO, if we follow your theory ("it's easy to do incorrectly, so let's end it"), we would have to kill off every major programming language and development platform.

Today's database engines (be it MS, Oracle, MySQL, Postgres or others) are so mature, well tested, reliable and efficient that simply abandoning the only way to query them would be a huge leap backwards in time. SQL, when used correctly, is an incredibly powerful tool, so people using it incorrectly should not be the reason to "end it for good".
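Both sides of the thread turn on the same point: Kellogg's "simplest, most obvious way" of building a query and Systad's "if things aren't secured properly". The following is an added example, not code from either commenter, that puts the two approaches side by side against a constructed in-memory SQLite table and a constructed untrusted input: string concatenation lets the input rewrite the statement, while a parameterized query binds it as a value.

```python
import sqlite3


def make_db():
    """Constructed in-memory table so the comparison runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    conn.commit()
    return conn


def lookup_concat(conn, name):
    """The 'obvious' way: splice untrusted input into the SQL text.
    The input becomes part of the statement's grammar, not a value."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_param(conn, name):
    """Parameterized query: the driver binds the input as a value, so it
    cannot change the structure of the statement, whatever it contains."""
    rows = conn.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


# Constructed untrusted input: a tautology that matches every row only when
# it is interpreted as SQL text rather than as a value.
UNTRUSTED = "x' OR '1'='1"


def demo():
    """Return both results for the same input so they can be compared."""
    conn = make_db()
    return {
        "concat": lookup_concat(conn, UNTRUSTED),  # every row leaks
        "param": lookup_param(conn, UNTRUSTED),    # no user has that name
    }


if __name__ == "__main__":
    print(demo())
```

The parameterized form still returns exactly the matching row for a normal name; the only thing it removes is the input's ability to alter the query.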