What’s SQL Injection?
Imagine my blog has a login box—username and password. Behind the scenes, it’s talking to a database (like a digital filing cabinet) using SQL (Structured Query Language), a way to ask for data. SQL injection is when a hacker types bad stuff into that box to trick my server into spilling secrets—like all my users’ passwords—or even breaking the site.
- Normal User: Types “LazyGuy” and “password123.”
- Hacker: Types something sneaky to mess with the SQL code.
It’s like slipping a fake order into my coffee shop to grab free lattes—or the cash register!
How Does It Happen? A Simple Example
Let’s say my login checks your username and password with this SQL command on the server:
```sql
SELECT * FROM users WHERE username = 'LazyGuy' AND password = 'password123';
```
- What It Does: Looks in the “users” table for a match. If it finds “LazyGuy” with “password123,” I’m in!
Now, picture a hacker typing this into the password field:
```sql
' OR '1'='1
```
The full SQL becomes:
```sql
SELECT * FROM users WHERE username = 'Hacker' AND password = '' OR '1'='1';
```
- What’s Sneaky: '1'='1' is always true. The “OR” tricks the server into saying, “Eh, close enough—log them in!” No password needed—yikes!
- Result: Hacker logs in as “Hacker” (or any user) without knowing the real password.
They could also type:
```sql
'; DROP TABLE users; --
```
Turning it into:
```sql
SELECT * FROM users WHERE username = 'Hacker' AND password = ''; DROP TABLE users; --';
```
- Boom: Deletes my entire users table—goodbye blog logins!
This happens via input fields—like a POST request (web form data) hitting my server with a crafted payload.
Real Code Example (Super Basic)
Here’s a fake login page in PHP (a language WordPress uses):
```php
<?php
$username = $_POST['username']; // Straight from the form, no checks
$password = $_POST['password']; // Straight from the form, no checks
// The raw inputs are pasted into the SQL string: this is the injection point
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$result = mysqli_query($connection, $query); // Runs the SQL
if ($result->num_rows > 0) {
    echo "Welcome!";
} else {
    echo "Wrong login!";
}
?>
```
- Normal Input: Username “LazyGuy,” Password “password123”—works fine.
- Hacker Input: Password ' OR '1'='1—bypasses the check!
That’s SQL injection—slipping SQL commands into inputs to fake out the server.
How to Defend Against SQL Injection
Good news: it’s fixable! Here’s how to protect https://www.lazy-guy.xyz/ (or any site):
- Input Parameter Checks (You’re Right!)
- What: Clean inputs before they hit the database—block weird stuff like ' OR '1'='1.
- How: In PHP, use mysqli_real_escape_string():
```php
$username = mysqli_real_escape_string($connection, $_POST['username']);
$password = mysqli_real_escape_string($connection, $_POST['password']);
$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
```
- Escapes special characters (e.g., ' becomes \'), breaking the hack.
- Why It Works: Stops SQL commands from running wild—hacker input becomes harmless text.
- Prepared Statements (Even Better)
- What: Pre-build the SQL, then slot in inputs safely—no trickery allowed.
- Example:
```php
$stmt = $connection->prepare("SELECT * FROM users WHERE username = ? AND password = ?");
$stmt->bind_param("ss", $username, $password); // "ss" = two strings
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
    echo "Welcome!";
} else {
    echo "Wrong login!";
}
```
- Why: The ? placeholders keep inputs separate from the SQL—no injection possible.
- WordPress Bonus: If I add a custom login to my blog (not core WP login), plugins like Wordfence or iThemes Security scrub inputs automatically. Lazy win!
- Limit Database Permissions: Set my database user (e.g., wp_user) to only SELECT or INSERT—no DROP privileges. Hacker can’t nuke tables!
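An added example (not from the post) of the two stronger fixes above in the same Python/SQLite setup: a parameterized lookup that mirrors the prepared statement, and a least-privilege stand-in for a MySQL account without DROP rights, done here with SQLite's authorizer hook because SQLite has no user accounts. The function names, the authorizer mapping and the sample rows are my assumptions.

```python
import sqlite3

# Constructed sample data for the demo (not from the original post).
USERS = [("LazyGuy", "password123"), ("admin", "hunter2")]


def low_privilege_authorizer(action, arg1, arg2, db_name, trigger):
    """Stand-in for a database account with no DROP privilege: SQLite asks this
    hook before compiling each operation, and we veto table drops only."""
    if action == sqlite3.SQLITE_DROP_TABLE:
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK


def make_db(limit_privileges=True):
    """In-memory 'users' table; the authorizer is installed after the schema is built."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    if limit_privileges:
        conn.set_authorizer(low_privilege_authorizer)
    return conn


def safe_login(conn, username, password):
    """Same lookup as the post's prepared statement: the SQL is fixed, the inputs
    are bound to ? placeholders, so a quote in the input is just a character."""
    row = conn.execute(
        "SELECT * FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def drop_table_blocked(conn):
    """True if the connection's privileges stop DROP TABLE (the 'no DROP privileges' tip)."""
    try:
        conn.execute("DROP TABLE users")
    except sqlite3.DatabaseError:  # SQLite reports 'not authorized'
        return True
    return False


if __name__ == "__main__":
    conn = make_db()
    print("real login:", safe_login(conn, "LazyGuy", "password123"))
    print("' OR '1'='1 payload:", safe_login(conn, "Hacker", "' OR '1'='1"))
    print("DROP TABLE blocked:", drop_table_blocked(conn))
```

With placeholders the `' OR '1'='1` text is compared against the password column as a literal string and matches nothing; the authorizer means that even a query that does reach the database with a DROP in it fails, which is the layering the post recommends. Passwords are stored in plain text here only to mirror the post's schema.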
Does Input Checking Eliminate It?
You nailed it—yes, checking inputs (like escaping or prepared statements) can eliminate SQL injection 99% of the time! It’s the go-to fix because:
- Stops bad SQL from running.
- Simple to add (even I can do it!).
- Covers most attack tricks.
The catch? If I miss a field or mess up the code, a zero-day twist (new hack) might slip through. That’s why pros layer defenses (e.g., Wordfence + prepared statements).
Wrap-Up: Keeping My Blog Safe
SQL injection is like a hacker scribbling on my order pad—but with input checks and smart coding, I can lock it down. For https://www.lazy-guy.xyz/, I’ll stick to WordPress defaults (it’s pretty secure) and prep for AdSense cash. Next time, maybe I’ll code a mini-app—safely, of course!
Got questions? Ping me at [email protected]—no SQL hacks, please! What’s the scariest hack you’ve heard of?