Basic SQL Injection:



What is SQL Injection?

SQL Injection (or SQLi for short) is a code injection technique aimed at applications that build Structured Query Language (SQL) queries out of user input. The flaw is in the application, not in the database engine: when input is pasted straight into the query text instead of being passed as a bound parameter (or, failing that, properly escaped), the database parses the attacker's input as part of the SQL statement rather than as plain data, so the attacker can change what the query does.
Consider this code:
Code:
statement = "SELECT * FROM `members` WHERE `user` = '" + user + "';"

The above statement selects the
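To make the problem concrete, here is an added, runnable illustration (not code from the original post) of the concatenated statement above next to the parameterized form that fixes it. It uses Python's sqlite3 module with a constructed in-memory `members` table and made-up rows; the payloads and helper names are my own.

```python
import sqlite3


def build_statement_vulnerable(user: str) -> str:
    # Same shape as the page's statement: the input is glued into the SQL text,
    # so quote characters in `user` end the string literal and become SQL syntax.
    return "SELECT * FROM `members` WHERE `user` = '" + user + "';"


def setup_db() -> sqlite3.Connection:
    # Constructed sample data for the example; not from the original page.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (id INTEGER PRIMARY KEY, user TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO members (user, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com"), ("carol", "carol@example.com")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, user: str) -> list:
    # Executes the concatenated statement as-is: the attacker controls the WHERE clause.
    return conn.execute(build_statement_vulnerable(user)).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, user: str) -> list:
    # The fix: the SQL text is fixed, and `user` is bound as a value by the driver.
    # Whatever it contains is compared literally against the column; it is never parsed as SQL.
    return conn.execute("SELECT * FROM members WHERE user = ?", (user,)).fetchall()


if __name__ == "__main__":
    conn = setup_db()
    payloads = {
        "normal input": "alice",
        "tautology": "' OR '1'='1",          # WHERE `user` = '' OR '1'='1'  -> every row
        "comment out the rest": "' OR `user`='bob' --",  # trailing quote is commented away
    }
    for label, payload in payloads.items():
        print(f"--- {label}: {payload!r}")
        print("  statement :", build_statement_vulnerable(payload))
        print("  vulnerable:", lookup_vulnerable(conn, payload))
        print("  parameterized:", lookup_parameterized(conn, payload))
```

Running it shows the tautology payload returning all three rows from the concatenated query while the parameterized query returns nothing, because no member is literally named `' OR '1'='1`. Note that the check is structural, not a blacklist: filtering quote characters is not a substitute for parameterization, since numeric contexts, LIKE clauses and identifier positions are all injectable without a single quote.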