SQL Injection

SQL Injection

SQL Injection

        
              $sql = "SELECT * FROM user WHERE username = '" .
              $_POST['username'] . "' AND password = '" . $_POST['password'] . "'";

?username=admin%27+-- (admin' --)

?username=?username=admin%27+OR+%27a%27%3D%27b (admin' OR 'A'='A)

Use subsystem specialized method for quoting/escaping
- mysql_escape_string ()
- pg_escape_string ()
- dbms_escape_string ()
- add_slashes() // last resort