SQL Injection

SQL, which stands for Structured Query Language, is widely used in web applications to store and retrieve data from databases. SQL is a subtle and complex topic, so for now we’ll cover just enough to understand one of the most common attacks against database-backed applications: SQL injection.

The examples in this chapter are written to work on MySQL,[28] a widely used open source database. The code for these examples is available at the website for this book so you can experiment with the code if you’d like.[29] We won’t cover MySQL installation in this chapter, though, since it’s covered in detail on the official MySQL website.

How SQL Works

The first step in using SQL is to establish a connection to the database that people can connect to directly using ...
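The following is an added example, not code from the book, showing the two ideas this chapter builds on: connecting to a database and running a query, and how a query assembled from user input can be hijacked. The chapter's examples target MySQL; this one uses Python's built-in sqlite3 module with an in-memory database so it runs offline, and the `users` table and rows are constructed for illustration. The same two patterns (string formatting versus bound parameters) apply to a MySQL driver, which uses `%s` placeholders instead of `?`.

```python
import sqlite3

# Constructed sample data for this example; not a schema from the book.
SAMPLE_USERS = [
    ("alice", "s3cret-alice"),
    ("bob", "s3cret-bob"),
]


def connect_and_seed():
    """Open an in-memory SQLite database (a stand-in for MySQL here) and load sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Build the query with string formatting, so the user's input becomes part of the SQL text.

    Returns the list of usernames the query matched.
    """
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return [row[0] for row in conn.execute(query)]


def login_parameterized(conn, username, password):
    """Pass the user's input as bound parameters; the driver never interprets it as SQL."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (username, password))]


# Two classic injection payloads (constructed inputs, not from the book).
# 1. Closes the password string and appends a condition that is always true;
#    AND binds tighter than OR, so every row matches.
ALWAYS_TRUE = "' OR '1'='1"
# 2. Closes the username string and comments out the rest of the query.
#    The trailing space matters for MySQL, which requires "-- " for a comment.
COMMENT_OUT = "alice'-- "


if __name__ == "__main__":
    db = connect_and_seed()
    print("vulnerable, always-true password:", login_vulnerable(db, "alice", ALWAYS_TRUE))
    print("vulnerable, commented-out check: ", login_vulnerable(db, COMMENT_OUT, "wrong"))
    print("parameterized, same payload:     ", login_parameterized(db, "alice", ALWAYS_TRUE))
    print("parameterized, real credentials: ", login_parameterized(db, "alice", "s3cret-alice"))
```

With the vulnerable function the first payload returns every user and the second logs in as alice without a password; with bound parameters both payloads are just strings that match no row, while the genuine credentials still work.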

Get Practical Security now with the O’Reilly learning platform.
