Discuss the SQL Injection attack in brief.
In: MSc IT    Subject: Web Development with PHP

SQL Injection is an attack in which an attacker enters malicious SQL through website input, such as login forms, to steal or manipulate database information. It happens when a website builds database queries from user input without properly checking that input first.
Normal Login Process:

```sql
SELECT * FROM users WHERE username = 'john' AND password = 'mypass123'
```
SQL Injection Attack: If a hacker enters `' OR '1'='1` as the username and anything as the password, the query becomes:

```sql
SELECT * FROM users WHERE username = '' OR '1'='1' AND password = 'anything'
```

Since `'1'='1'` is always true, this gives the hacker access without knowing the real password.

Real-World Impact
- Steal usernames, passwords, and personal data
- Delete or modify database records
- Gain unauthorized access to accounts
- Massive data breaches affecting thousands of users
Easy Prevention
Always use prepared statements instead of directly inserting user input into SQL queries:
Unsafe Code:

```php
$query = "SELECT * FROM users WHERE user='$username' AND pass='$password'";
```

Safe Code:

```php
$stmt = $pdo->prepare("SELECT * FROM users WHERE user=? AND pass=?");
$stmt->execute([$username, $password]);
```
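The following script is an added example, not part of the original notes: it runs the unsafe string-built query and the prepared statement side by side against an in-memory SQLite database, so the bypass and its fix can be observed directly. It assumes PHP with the pdo_sqlite extension, and it places the `' OR '1'='1` payload in the password field, because in SQL `AND` binds more tightly than `OR`, so that position is where the injected condition makes the whole `WHERE` clause true.

```php
<?php
// Added example (not the course's own code). Uses an in-memory SQLite
// database through PDO; passwords are stored in plain text only to keep
// the demonstration short.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE users (username TEXT, password TEXT)");
$pdo->exec("INSERT INTO users VALUES ('john', 'mypass123')");   // constructed row

// Unsafe: user input is pasted straight into the SQL text, so quotes in
// the input change the structure of the query.
function unsafeLogin(PDO $pdo, string $username, string $password): bool
{
    $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
    echo "unsafe query: $sql\n";
    return $pdo->query($sql)->fetch() !== false;
}

// Safe: the query shape is fixed by prepare(); the values are bound
// afterwards and are treated only as data, never as SQL.
function safeLogin(PDO $pdo, string $username, string $password): bool
{
    $stmt = $pdo->prepare("SELECT * FROM users WHERE username=? AND password=?");
    $stmt->execute([$username, $password]);
    return $stmt->fetch() !== false;
}

// Constructed attacker input from the notes. In the unsafe version the
// WHERE clause becomes  username='john' AND password='' OR '1'='1',
// which matches every row; in the safe version it is just a password
// string that matches nothing.
$payload = "' OR '1'='1";

echo "unsafe, real password:  "; var_dump(unsafeLogin($pdo, 'john', 'mypass123'));
echo "unsafe, payload:        "; var_dump(unsafeLogin($pdo, 'john', $payload));
echo "safe, real password:    "; var_dump(safeLogin($pdo, 'john', 'mypass123'));
echo "safe, payload:          "; var_dump(safeLogin($pdo, 'john', $payload));
```

Run it with `php example.php`; the printed unsafe query shows exactly how the quote in the input rewrote the condition.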
SQL Injection is dangerous but easily preventable by properly handling user input in web applications.