What is SQL Injection 

Prashant Surya  |   Mar 18, 2020  |  Views: 260


SQL Injection is a form of security attack on a database-driven web site in which the attacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, bypassing the firewall.

SQL Injection attacks are used to steal information from a database that would normally not be available and/or to gain access to an organization's host computers through the computer that is hosting the database.

SQL Injection attacks are typically very easy to avoid by ensuring that a system has very strong input validation on its user input forms.

As the name SQL Injection suggests, the attacker injects SQL into a query, which can be dangerous for any database.

Let's look at an example of SQL Injection:

SELECT email, password, login_id, full_name 
FROM employee
WHERE email ='xx'

Now suppose someone does not enter 'xx' as the input and instead enters "xx; DROP TABLE employee;"

The actual query then becomes:


SELECT email, password, login_id, full_name 
FROM employee
WHERE email ='xx' ; DROP TABLE employee;

So now there are two queries to be executed on the database: one will select and the other will drop the employee table, which is dangerous.

So always validate the user's input at both the front end and the back end to avoid SQL Injection.
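The following is an added example, not code from the original article. It runs the article's employee query twice against an in-memory SQLite database: once built by string concatenation and once with a bound parameter. The function names, the sample row and the input string are constructed for illustration; the input includes the closing quote needed to produce the two-statement query shown above.

```python
import sqlite3

# Constructed input: closes the quoted value, appends a second statement,
# then comments out the quote the application adds at the end.
MALICIOUS_EMAIL = "xx' ; DROP TABLE employee; --"

COLUMNS = "email, password, login_id, full_name"

def make_db():
    """In-memory SQLite database with one constructed employee row."""
    conn = sqlite3.connect(":memory:")
    conn.execute(f"CREATE TABLE employee ({COLUMNS})")
    conn.execute(
        "INSERT INTO employee VALUES (?, ?, ?, ?)",
        ("xx", "constructed-hash", "emp001", "Example Employee"),
    )
    conn.commit()
    return conn

def table_exists(conn):
    row = conn.execute(
        "SELECT count(*) FROM sqlite_master "
        "WHERE type = 'table' AND name = 'employee'"
    ).fetchone()
    return row[0] == 1

def lookup_vulnerable(conn, email):
    """Concatenates the input into the SQL text, so it is parsed as SQL."""
    sql = f"SELECT {COLUMNS} FROM employee WHERE email ='{email}'"
    # executescript runs every statement in the string, standing in for
    # a driver that accepts several statements per call.
    conn.executescript(sql)
    return sql

def lookup_safe(conn, email):
    """Binds the input as a parameter, so it is only compared as data."""
    sql = f"SELECT {COLUMNS} FROM employee WHERE email = ?"
    return conn.execute(sql, (email,)).fetchall()

if __name__ == "__main__":
    conn = make_db()
    print("bound parameter:", lookup_safe(conn, MALICIOUS_EMAIL),
          "table exists:", table_exists(conn))
    print("concatenated:", lookup_vulnerable(conn, MALICIOUS_EMAIL))
    print("table exists:", table_exists(conn))
```

With the bound parameter the whole input is compared against the email column as a single string, so no row matches and the table survives; validation of the input remains useful as a second layer on top of this.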
