And you think SQL injection is dangerous

I’m a regular reader of thedailywtf.com. I find it to be an interesting source of examples that I use to lighten up the classroom experience.  But this particular example (appropriately called Tossing Your Cookies) is worth spreading around more quickly.  I know that defensive web development says that you should validate every input coming into your system, but really…