0
What is SQL injecting???
3 odpowiedzi
+ 2
If a website doesn't protect against it, you can use certain inputs that's sending info to a database and post your own code directly into the input box. Then when it gets read, it executes the code, which means you can easily manipulate their database. As such, make sure you always validate inputs and escape special chars so you don't have that issue.
+ 2
As @Netkos Ent indicates, any time you see the word "inject", it means you get to insert "something under your control" into a system that normally does not want that 'feature', causing it to trust your input as part of its internal operations, as if the programmer intended that to happen.
This is similar to a class of problems known as arbitrary code execution.
0
SQL injection is a code injection technique that might ruin your database.