dcsimg
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Tip: SQL Injection, Part 1

Learn more about how to avoid SQL injection issues.


advertisement

WEBINAR:

On-Demand

Building the Right Environment to Support AI, Machine Learning and Deep Learning


SQL injection is probably the most common and easiest hacking technique out there. Now, don't think I condone it, I'm just trying to make you aware of some of the techniques used.

Let's say, for example, your database on a website runs a query that looks like the following:

SELECT * FROM Users WHERE UserID = @UserID -- Some user ID parameter

It is easy to manipulate the query!

How? Well, by entering the wrong input, for example:

99 OR 1 = 1

In this case 1 = 1 will always be true, so irrespective if whether or not there is a user with the ID 99, it will still return all the users.

 

Visit the DevX Tip Bank

 





   
Thanks for your registration, follow us on our social networks to keep up-to-date