Imagine a website where users enter their username and password. If the website's database queries are not secure, what can happen if someone uses SQL injection?
Think about what happens when user input is treated as code.
SQL injection allows attackers to run harmful commands on the database, leading to unauthorized data access or changes.
Consider this SQL query used in a login system:
SELECT * FROM users WHERE username = '{user_input}' AND password = '{user_input_password}';
If a user inputs ' OR '1'='1' -- as username and anything as password, what will the query return?
Look at how the OR condition affects the WHERE clause.
The injected OR condition makes the WHERE clause always true, so all rows are returned, bypassing login checks.
Find the syntax error in the following SQL statement:
INSERT INTO users (username, password VALUES ('alice', 'pass123');
Check the parentheses around the column list.
The parenthesis that opens the column list is not closed before the VALUES keyword, causing a syntax error.
You have a users table with columns: id, username, password_hash, email.
To speed up login checks and prevent unauthorized data access, which index is best to create?
Think about which column is used to find users during login.
Indexing username speeds up lookups and helps enforce uniqueness, reducing the risk of unauthorized access.
Given this query:
SELECT username, password FROM users WHERE active = 1;
Why is this a security risk?
Consider what data should never be exposed in queries.
Passwords or their hashes should never be returned in queries to prevent attackers from stealing them.