What is SQL Injection (SQLi)? How do you Prevent SQLi Attacks?

Everyone knows that running a website today carries an abundance of risks. It seems that every day a new security exploit is created. The list runs from DDoS attacks to “Man in the Middle” to phishing and goes on and on; however, the number one threat today still remains the same, and it’s called SQLi.

What is SQL Injection (SQLi)?

SQL (Structured Query Language) is a standard database language for creating, maintaining, and retrieving data stored in a relational database. Some of the most popular relational databases include big names like MySQL, Microsoft SQL Server, Oracle Database, IBM Informix, and PostgreSQL, among others.

SQL Injection (SQLi) is a code injection technique used by hackers and other malicious users to gain unauthorized access to web databases. It is usually used to gain access to SQL-based databases such as MySQL, Oracle,....
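The injection pattern described above, as an added example that is not part of the original post: a lookup built by string concatenation beside its parameterized form, run against an in-memory SQLite database. The table, the sample rows and the function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, note TEXT)")
    conn.executemany(
        "INSERT INTO users (name, note) VALUES (?, ?)",
        [("alice", "alice-note"), ("bob", "bob-note"), ("O'Brien", "obrien-note")],
    )
    return conn

def lookup_vulnerable(conn, name):
    # Vulnerable: the input is spliced into the SQL text, so a quote
    # character in `name` changes the structure of the statement.
    query = "SELECT name, note FROM users WHERE name = '" + name + "' ORDER BY id"
    return conn.execute(query).fetchall()

def lookup_parameterized(conn, name):
    # Hardened: the statement text is fixed and the driver binds `name`
    # as a value, so it is only ever compared against the column.
    query = "SELECT name, note FROM users WHERE name = ? ORDER BY id"
    return conn.execute(query, (name,)).fetchall()

def demo():
    """Run both lookups on a crafted input and on a legitimate name with a quote."""
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing SQL syntax
    results = {
        "vulnerable_crafted_rows": len(lookup_vulnerable(conn, crafted)),
        "parameterized_crafted_rows": len(lookup_parameterized(conn, crafted)),
        "parameterized_quote_name": lookup_parameterized(conn, "O'Brien"),
    }
    try:
        lookup_vulnerable(conn, "O'Brien")
        results["vulnerable_quote_name"] = "ok"
    except sqlite3.OperationalError as exc:
        # The same flaw also breaks ordinary input that contains a quote.
        results["vulnerable_quote_name"] = "error: " + str(exc)
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=>", value)
```

The concatenated query returns every row for the crafted input and fails outright on a legitimate name containing an apostrophe; the parameterized query treats both as plain values.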
Great post containing valuable information! I would suggest, if you ever decide to revise it, including examples of code changes that could be made in order to prevent SQLi attacks! Keep up the good work!