SQL Injection

SQL injection is a technique that allows hackers to gain access to a datebase. This is done when a website or interface asks for the user to input something such as their username or password, the hacker will then input a SQL statement which will run in your database without you knowning. The only current way to prevent a SQL injection is to use input validation and parametrized queries, developers should always santize all input to prevent the someone using SQL injection to gain access to their database.