when you lunch a web site as a developer all your concern is that the website functionality doing well , and the site shows prefectly on all browsers … etc , but many developers dont spend any time to enhance security into thier web applications , ok lets start this case study

john is a web developer he works with php and javascript and his company told him to develop a website for a education institute which have a online payed session and online registration

john begin to develop this functionallity and perfectly done the site and test it (not security but only functionally)  and john deliver the project to his boss , and website lunched , john go to his home happy with his work

on another hand , there is a hacker some where , hear about this website and he begin to test it (security bugs)  and after a while he found a sql injection expoit with it he can bypass the registration , so the hacker hacked into the site and add a new user and just download all the educational material and then dropped the database and insert just one record in the db (HACKED BY ::: ) , and he continued and uploaded the educational material on sharing website to be available to all for free

john got a telephone at night from his boss , and his boss was very angry , the website hacked after a few our from being lunched . and all material available now for free on the internet ,  the education institute avoidance of the contract with the company , and the company the company’s reputation at stake , and as a natural result ,  john lose his job

ok , john was a good developer but he knows nothing about security and thats cost him his job and turn his life into hell .
hackers in every where , trying very hard to crack into websites and applications , so begin now learning security , read more and more ,

learn how to strike to  learn how to defence