SQL Injection

SQL Injection

By Technical, Database, Engineering , ,

It is a way of hacking on a database driven application in which the hacker executes unauthorized SQL commands by taking advantage of insecure code on a system connected to the Internet, bypassing the firewall.

SQL injection hackers are used to steal information from a database from which the data would normally not be available and/or to gain access to an organization’s host computers through the computer that is hosting the database.

SQL injection attacks typically are easy to avoid by ensuring that a system has strong input validation.

Example:

This is your query when the user clicks on a Login button in your system

Select [UserName], [Password] From Users Where UserID = 1;

Here is what the hacker would type in the input fields like username textbox:

Select [UserName], [Password] From Users Where UserID = 1;
Drop Table Users;

Never use a direct query from your application to database.

Instead use web services or stored procedures and implement layers such as data access layer and business logic layer, this would protected you against SQL injection.

Share this post

Author

Founder | CEO | CTO | Project Manager | Product Owner

Related Posts

Kotlin for Server-Side Development Building Robust Backend Systems

Kotlin for Server-Side Development: Building Robust Backend Systems

By

Kotlin has been a popular language choice for server-side developers because it... read more

C# Keywords Tutorial Part 55: new

By

The new keyword in the object-oriented programming language C# enables programmers to... read more

Show alert or run JavaScript function after showing the appointment popup in DevExpress using VB.NET

By

You should handle the CustomJSProperties event and add in properties collection the... read more

C# Keywords Tutorial Part 65: private

By

Encapsulation, inheritance, and polymorphism are all features supported by the object-oriented programming... read more

Drupal vs. WordPress

By

Two of the most well-liked solutions for a content management system (CMS)... read more

Accelerating React Strategies for Speeding Up Your Application

Empowering React: Proven Tactics to Turbocharge Your Application Performance

By

In the dynamic world of web development, providing a quick and responsive... read more

How to Master Clean Code and Write Maintainable Software

How to Master Clean Code and Write Maintainable Software

By

Writing software isn’t just about making something that works today — it’s... read more

Deploying React Apps A Guide to Using GitHub Pages

Deploying React Apps: A Guide to Using GitHub Pages

By

Many developers find it difficult to deploy React apps, especially those who... read more

Django Request Life Cycle Explained

Django Request Life Cycle Explained

By

In the world of web development, understanding the request life cycle is... read more

C# Keywords Tutorial Part 13: catch

By

C# is a modern, object-oriented programming language that is widely used to... read more

Smart Software Outsourcing & Staff Augmentation

Access top-tier dedicated teams, seamless software outsourcing, and flexible staff augmentation tailored to your business goals. Bridging Tech Talent Gaps.

Book a Free Consultation!