SQL Injection is a technique used to exploit security holes in a system using SQLs such as MySQL. This kind of security hole usually occurs when a programmer doesn’t filter quotes or other meta-characters properly. The following code is an example of a such a vulnerability.
if(mysql_query(”SELECT * FROM member_tables WHERE id = ‘”.$login_id.”‘ and password [...]