What is a SQL injection attack on a website? You have probably heard this question many times from website owners. In simple words, it is loose programming, or a security vulnerability in the website code, through which a hacker can easily get into your website and fetch the database, customer records, etc. Most hackers use the query string method to attack and try to get buyers' credit card details. So the SQL needs to be written in such a way that no hacker can break it, and so that if one tries, the programmer or website owner knows about it. Hackers always try filling in a form or registration form, and when the programmer forgets to filter the escape characters, the hacker gets access to the website. Facebook, for example, disclosed that it receives 60,000 attacks a day from hackers.
Old osCommerce versions face these hacking problems. I have corrected lots of websites built on OSC as well as custom-built websites. Due to PHP version changes, lots of warning messages appear in osCommerce, for example about replacing the function ereg_replace with preg_replace, etc.
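The query string problem described above, as an added PHP example (not code from osCommerce or from any site mentioned here): a lookup that pastes the query-string value into the SQL text, next to a version that validates the value, records rejected input so the owner knows about the attempt, and binds it as a parameter. The customers table, the function names and the in-memory SQLite database are assumptions made for the demonstration.

```php
<?php
// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)");
$db->exec("INSERT INTO customers (name, email) VALUES
           ('Alice', 'alice@example.test'), ('Bob', 'bob@example.test')");

// Vulnerable: the query-string value is pasted into the SQL text, so quote
// characters inside it change the structure of the statement.
function find_customer_vulnerable(PDO $db, string $id): array
{
    $sql = "SELECT name, email FROM customers WHERE id = '" . $id . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: check the expected type, record anything else so the site owner
// sees the attempt, and bind the value as a parameter instead of concatenating.
function find_customer_safe(PDO $db, string $id, array &$audit): array
{
    if (!ctype_digit($id)) {
        // Hypothetical audit sink; a real site would write to its own log.
        $audit[] = 'rejected customer id: ' . json_encode($id);
        return [];
    }
    $stmt = $db->prepare('SELECT name, email FROM customers WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$audit  = [];
$inputs = ['1', "1' OR '1'='1"];   // constructed: a normal id and a tampered one
foreach ($inputs as $id) {
    printf("input %-16s vulnerable=%d row(s)  safe=%d row(s)\n",
        json_encode($id),
        count(find_customer_vulnerable($db, $id)),
        count(find_customer_safe($db, $id, $audit)));
}
print_r($audit);   // the tampered value appears here, not in the query
```

With the tampered value, the vulnerable function returns every customer row, while the hardened one returns nothing and leaves an audit entry.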