In this section we will learn what is MySQL Injection and how to prevent it. If you are developing web application using PHP and then taking the input from user. You should take extra care while taking inserting the user input into database. You should not insert the raw user input into database. This tutorial explains discussing the issue which is known as SQL Injection.
What is SQL Injection?
The SQL Injection refers to the code injection technique for running MySQL statement on your database without your knowledge. This happens when you programming taking user input, and instead of providing the correct information, you user enters MySQL statement in it. This makes a security hole into your database. You should protect your database against such activity.
Recommend the tutorial