SQL injection attacks are attacks against websites that rely on relational databases.
In this type of site, parameters are passed to the database in the form of an SQL query. As such, if the designer does not verify the parameters passed in the SQL query, a hacker can modify the query in order to access the entire database and even to modify its content.
Some characters make it possible to string together several SQL queries or to ignore the rest of the query. By inserting this type of character in the query, a hacker can potentially execute the query of his choice.
Consider the following query, which expects a user name as a parameter:
SELECT * FROM users WHERE name="$name";
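A hacker simply needs to enter a name such as toto" OR 1=1 OR name ="titi (the quotation marks already in the query close around it) for the query to become as follows:
SELECT * FROM users WHERE name="toto" OR 1=1 OR name ="titi";
Because 1=1 is always true, the WHERE clause no longer filters anything and the query returns every row of the users table.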
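The query above, as an added example that is not code from the original page: Python's sqlite3 module runs the page's input against a string-built query and against a parameterized one. The table, sample rows and function names are constructed for illustration, and the string literal uses single quotes (the standard SQL form), so the page's input is written with single quotes as well.

```python
import sqlite3

def make_db():
    """Build an in-memory users table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("toto", "toto@example.test"),
         ("titi", "titi@example.test"),
         ("admin", "admin@example.test")],
    )
    return db

def find_user_vulnerable(db, name):
    # Vulnerable: the parameter is pasted into the SQL text, so a quote
    # in `name` ends the string literal and the rest is parsed as SQL.
    query = "SELECT name FROM users WHERE name='" + name + "';"
    return [row[0] for row in db.execute(query)]

def find_user_safe(db, name):
    # Hardened: the ? placeholder sends `name` as data, never as SQL text.
    return [row[0] for row in db.execute(
        "SELECT name FROM users WHERE name = ?", (name,))]

# The page's input, written with single quotes to match the literal above.
PAGE_INPUT = "toto' OR 1=1 OR name ='titi"

def demo():
    """Run a normal lookup and the page's input through both functions."""
    db = make_db()
    return {
        "vulnerable_normal": find_user_vulnerable(db, "toto"),
        "vulnerable_injected": sorted(find_user_vulnerable(db, PAGE_INPUT)),
        "safe_normal": find_user_safe(db, "toto"),
        "safe_injected": find_user_safe(db, PAGE_INPUT),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

With the placeholder, the whole input is compared to the name column as one string, so it matches no user.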
Moreover, some database management systems, such as Microsoft SQL Server, have stored procedures that make it possible to launch administration commands. These stored procedures are potentially dangerous because they can allow a malicious user to execute system commands, which may lead to an intrusion.
A number of rules can help you protect yourself against SQL injection attacks: