Tip: SQL Injection, Part 1

SQL injection is probably the most common and easiest hacking technique out there. Now, don’t think I condone it; I’m just trying to make you aware of some of the techniques used.

Let’s say, for example, your database on a website runs a query that looks like the following:

SELECT * FROM Users WHERE UserID = @UserID -- Some user ID parameter

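If the application builds this statement by inserting the user’s input directly into the SQL text in place of @UserID, it is easy to manipulate the query!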

How? Well, by entering the wrong input, for example:

99 OR 1 = 1

In this case 1 = 1 will always be true, so irrespective of whether or not there is a user with the ID 99, the query will still return all the users.

