A common mistake many developers make is using their MySQL database to validate a user name and password combination.
Here’s a typical SQL query checking for the existence of a user trying to log in:
SELECT 1 FROM WHERE USERNAME="" AND USERPASSWORD=""
If a record matches, the database returns that record and the process continues.
But in MySQL, the query above allows someone who knows just the USERNAME to gain access to the system without much difficulty.
For instance, suppose a user keys in the value for USERNAME as
Here’s the query MySQL effectively executes:
SELECT 1 FROM WHERE USERNAME=""
Always be sure to check whether the username contains a character like “#” and throw an appropriate error before even sending it to the database.
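The following is an added example, not code from the original post: it models how MySQL’s “#” comment truncates a login query built by string concatenation, and places the parameterized form beside it, which keeps the password check intact whatever the input contains. The users table name and the sample inputs are assumptions.

```python
# Added example (not from the original post): models how MySQL's '#' comment
# truncates a concatenated login query, and shows the parameterized form.
# The `users` table name and the sample inputs are assumptions.

def build_login_query_unsafe(username: str, password: str) -> str:
    """Vulnerable form: user input is pasted straight into the SQL text."""
    return (f'SELECT 1 FROM users WHERE USERNAME="{username}" '
            f'AND USERPASSWORD="{password}"')

def effective_query(sql: str) -> str:
    """Return the portion of `sql` that MySQL would actually execute.

    Outside a quoted string, '#' starts a comment running to end of line.
    Simplified model: tracks single and double quotes, but not backslash
    escapes or the '-- ' and '/* */' comment styles.
    """
    quote = None
    for i, ch in enumerate(sql):
        if quote:
            if ch == quote:
                quote = None
        elif ch in ('"', "'"):
            quote = ch
        elif ch == "#":
            return sql[:i].rstrip()
    return sql

def password_check_survives(sql: str) -> bool:
    """True if the USERPASSWORD condition is still part of what runs."""
    return "USERPASSWORD" in effective_query(sql)

def build_login_query_safe(username: str, password: str):
    """Parameterized form: the SQL text is fixed and holds no user input.

    Values are passed to the driver separately (PyMySQL and mysql-connector
    use %s placeholders), so a '#' inside `username` is data, not syntax.
    """
    sql = "SELECT 1 FROM users WHERE USERNAME=%s AND USERPASSWORD=%s"
    return sql, (username, password)

if __name__ == "__main__":
    # Constructed sample: a username that closes the quote and opens a comment.
    attacker_input = 'admin"#'
    unsafe_sql = build_login_query_unsafe(attacker_input, "anything")
    print("executed   :", effective_query(unsafe_sql))
    print("pw checked :", password_check_survives(unsafe_sql))
    print("parameterized:", build_login_query_safe(attacker_input, "anything"))
```

Filtering “#” alone still leaves other comment and quoting tricks on the table; the parameterized form removes the whole class because the query text never changes with user input.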