Advanced SQL Injection - Blind and Timed

Sometimes, the server doesn't respond in a way that is easy to figure out what happened. But does that mean you're protected from SQL Injection? Maybe not. Does your server imply information to people based on how long it takes to give a response? Maybe you're giving away more than you want. Check out this article on how to test your site for timed blind SQL injections.

http://danuxx.blogspot.com/2012/03/time-based-blind-sql-injection.html