i'm using php and ms sql 2000. a few days ago, the tables get attacked. the data in the table is inserted some wired string.
i serached online, it seems that using parepared statemment can prevert this attack. not so sure how to use the prepared statment and its requirement?
could some expert here have some suggestion about data injection attack on ms sql 2000?
thank you so much!