This week's book giveaway is in the OCAJP forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide 1Z0-808 and have Jeanne Boyarsky & Scott Selikoff on-line! See this thread for details.
I was wondering, as ruby (with rails) does every database update and create (using scaffold) in the back (correct me if im wrong).
But how is f.e. SQL Injection handled, and other type of attacks?
(sorry for my bad english)
Firstly, your question is quite specific to Rails, I feel, rather than Ruby. There are many different database abstraction libraries for Ruby that have different ways (or even no ways!) of managing SQL attacks, but Rails uses ActiveRecord and the link presented above gives good information on that. Rest assured, though, with the latest version of Rails and using ActiveRecord properly (rather than manually building SQL) you're not particularly susceptible to SQL injection attacks.