MatthewHSE - 2:43 pm on May 27, 2008 (gmt 0)

Just to make sure I understand this correctly, this is just an ordinary MySQL injection attack on a really big scale, right?

In other words, the fact that I validate all user input and run it through mysql_real_escape_string before I use it in a query should mean I'm still safe?