Home >Backend Development >PHP Problem >What is SQL injection?
Introduction to sql injection
1. What is sql injection
SQL injection is an attack method that adds sql code to the input parameters and passes it to the sql server for parsing and execution. .
2. Normal behavior, such as getting the id to get the content of the article (case)
3. Manually add parameters in the browser or 1=1 (Always true); This resulted in unexpected behavior, artificially obtaining the contents of the entire table, and achieving the purpose of the attack.
The input parameters are not filtered and are directly spliced into the sql statement and parsed and executed directly.
For more related questions, please visit the PHP Chinese website: PHP Video Tutorial
The above is the detailed content of What is SQL injection?. For more information, please follow other related articles on the PHP Chinese website!