Re: help with data recovery from injected UPDATE

On Thu, Jun 11, 2009 at 1:32 PM, Chris Spotts<rfusca@gmail.com> wrote:
>
>> It's a classic story.  I'm volunteering about one day per month for
>> this project, learning SQL as I go.  Priority was always given to the
>> "get it working" tasks and never the "make it safe" tasks.  I had/have
>> grandiose plans to rewrite the whole system properly after I graduate.
>>  Unfortunately, the inevitable corruption didn't wait that long.
> As you're learning, it sounds like parametrized queries might have saved you
> from the sql injection that caused this.

Very true, and always a good idea.  However, OPs true failure here is
on the backup front.  Without recent, reliable backups, on another
machine / media / datacenter etc. is the only way your data can be
truly safe.