Sign In
Best Online Tutorials
SQL Tutorial
Free SQL Tutorial
SQL Interview Questions
SQL Practice Questions
SQL Tips & Tricks
SQL Errors
SQL Books
Angular Tutorial
Free Angular Tutorial
Angular Interview Questions
Angular Practice Questions
Angular Tips & Tricks
Angular Errors
Angular Books
Node.js Tutorial
Free Node.js Tutorial
Node.js Interview Questions
Node.js Practice Questions
Node.js Tips & Tricks
Node.js Errors
Node.js Books
React.js Tutorial
Free React.js Tutorial
React.js Interview Questions
React.js Practice Questions
React.js Tips & Tricks
React.js Errors
React.js Books
SSIS Tutorial
Free SSIS Tutorial
SSIS Interview Questions
SSIS Practice Questions
SSIS Tips & Tricks
SSIS Errors
SSIS Books
SEO Tutorial
Free SEO Tutorial
SEO Interview Questions
SEO Practice Questions
SEO Tips & Tricks
SEO Errors
SEO Books
Javascript Tutorial
Free Javascript Tutorial
Javascript Interview Questions
Javascript Practice Questions
Javascript Tips & Tricks
Javascript Errors
Javascript Books
MongoDB Tutorial
Free MongoDB Tutorial
MongoDB Interview Questions
MongoDB Practice Questions
MongoDB Tips & Tricks
MongoDB Errors
MongoDB Books
Next.js Tutorial
Free Next.js Tutorial
Next.js Interview Questions
Next.js Practice Questions
Next.js Tips & Tricks
Next.js Errors
Next.js Books
What is SQL Injection
Prashant Surya | Mar 18, 2020 | Views: 260
Description:
What is SQL Injection?
SQL Injection is a form of security attack on a database- driven web site in which the hacker or attacker executes the unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, bypassing the firewall.
SQL Injection attacks are used to steal information from a database from which the data would normally not be available end/or to gain access to an organization's host computers through the computer that is hosting the database.
SQL Injection attacks are typically very easy to avoid by ensuring that a system has very strong input validation on user's input form.
As SQL Injection name suggest that we inject SQL query which can be relatively dangerous for any database.
Lets have an example of SQL Injection:
SELECT email, password, login_id, full_name
FROM employee
WHERE email ='xx'
Now if someone doesn't put 'xx' as the input and puts "xx; DROP TABLE employee;"
SO the actual query will become like:
SELECT email, password, login_id, full_name
FROM employee
WHERE email ='xx' ; DROP TABLE employee;
So now there are two query to be executed on database, one will select and other will drop the database.
Which will be dangerous.
So try to validate the user's inputs always both at front-end and back-end always to avoid SQL Injection.
Comments:
Content Contributor
Prashant Surya
Software developer at Uniserve Data Technologies Pvt. Ltd. | Noida, Uttar Pradesh, India
I am a software developer, freelancer and trainer working on technologies likes. MEAN stack, MERN Stack, ASP.NET full stack, WebRTC, socket.io ,PWA, SQL, JavaScript, jQuery, HTML, CSS, SEO, responsive UI/UX designing... having 7 years of experience in development in multiple domains like, eCommerce, RTA, capital markets, education, real estate...
Read related articles
SQL Server- Index Statistics and Usage Information in SSMS
Pooja Goel | Jun 23, 2020 | Views: 400
SQL Sever-Disk Usage Reports
Pooja Goel | Jun 20, 2020 | Views: 513
How to find list of all databases, users and Logins in SQL Server
Pooja Goel | Jun 18, 2020 | Views: 491
How to optimize the Query in SQL SERVER
Pooja Goel | Jun 16, 2020 | Views: 409
SQL Server - ORDER by using @Parameter
Pooja Goel | Jun 13, 2020 | Views: 314
What is ACID fundamental
Prashant Surya | Mar 18, 2020 | Views: 161
What is SQL Injection
Prashant Surya | Mar 18, 2020 | Views: 261
Difference between Stored Procedure and User Defined Function
Prashant Surya | Mar 18, 2020 | Views: 165
Triggers in SQL - SQL Trigger - SQL Server Triggers Tutorial
Prashant Surya | Mar 1, 2020 | Views: 816
Best website to learn SQL for free
Prashant Surya | Jan 24, 2020 | Views: 186
SQL Tutorials Online
Prashant Surya | Jan 24, 2020 | Views: 234
Top 10 SQL tutorial
Prashant Surya | Jan 24, 2020 | Views: 224
SQL Tutorial
Prashant Surya | Jan 24, 2020 | Views: 194
SQL Tutorials
Prashant Surya | Jan 24, 2020 | Views: 221
Best SQL Tutorial
Prashant Surya | Jan 24, 2020 | Views: 241
Advanced SQL Tutorial Topics - DritalConnect
Prashant Surya | Dec 21, 2019 | Views: 343
What is the best site or book to learn complete SQL
Prashant Surya | Dec 20, 2019 | Views: 211
Ways to get Execution Plan of Running SQL Query
Pooja Goel | Dec 4, 2019 | Views: 655
Best SQL book for beginners - SQL Tutorial
Pooja Goel | Nov 23, 2019 | Views: 316
Top 30 SQL Interview practice questions
Prashant Surya | Nov 23, 2019 | Views: 422
Best website to learn sql tutorial online
Prashant Surya | Nov 22, 2019 | Views: 227
SQL tutorials - DritalConnect
Prashant Surya | Nov 20, 2019 | Views: 287
Read best sql tutorial for beginners and experienced at DritalConnect
Prashant Surya | Nov 19, 2019 | Views: 228
Performance tuning in SQL Server
Pooja Goel | Oct 19, 2019 | Views: 1238
Ways to call SSIS Package in CA Workload
Abhishek Roy | Oct 9, 2019 | Views: 560
Ways to Improve SQL Query Performance
Prashant Surya | Oct 7, 2019 | Views: 1178
Want to sell your software ?-
If you want to sell your readymade software to the genuine clients or businessman, list your software with details and demo links.
- Sell ERP
- Sell Website Clones
- Sell App Clones
- Sell Readymade Portals
- Sell Readymade Websites
- Sell Mobile Apps
- Sell Window Apps
Clients will find it using our advanced search filter and will contact you directly.
No any charge for the product lsiting.
Do you own a Company ?+
Buy or Sell Commercial Property+
Are you a freelancer ?+
Looking for a job ?+
Are you a Service Provider ?+
Are you a blogger ?+
Do you own an IT Institute ?+
© Copyright 2020 DritalConnect - All Rights Reserved
Powered By: Uniserve Data Technologies Pvt Ltd.