Key Concepts

Review core concepts you need to learn to master this subject

SQL Injection

A SQL injection is a serious vulnerability affecting applications that use SQL as their database language. Through cleverly constructed text inputs that modify the backend SQL query, threat actors can force the application to output private data or respond in ways that provide intel. SQL injection attacks can ultimately be used to steal information and even take complete control of a system.

Preventing SQL Injection Attacks
Lesson 1 of 1
  1. SQL injections are common vulnerabilities that affect applications using SQL as their database language. Hackers can use their knowledge of SQL to construct text inputs that can trick an applicatio…
  2. Web forms present a security vulnerability on websites where hackers can potentially interact with a database. A seemingly harmless form or URL parameters can be a place for hackers to inject malic…
  3. One step of input sanitization is validating data input. Data validation is a process where a web-form checks if the information adheres to the expected format. validator.js provides many methods t…
  4. Another aspect of input sanitization is data sanitization. Data sanitization is the process of removing all dangerous characters from an input string before passing it to the SQL engine. For exampl…
  5. Arguably, the best technique to protect against SQL injections is a method called prepared statements. Prepared statements are predefined SQL queries that take user input and place them into placeh…
  6. Another way to implement prepared statements is to use named placeholders. Instead of using an array, we use an object to map the parameters to the query variables. Consider the following prepared…
  7. Great job! You now know some techniques to protect against SQL injections! SQL injection is a dangerous vulnerability and preventative measures should be implemented to make your database-driven ap…

What you'll create

Portfolio projects that showcase your new skills

How you'll master it

Stress-test your knowledge with quizzes that help commit syntax to memory