Code/Notes to explain SQL injection (pure draft)

$username = $_POST['username'];

SELECT * FROM users WHERE username = '$username';
$username = jagdeep
SELECT * FROM users WHERE username = 'jagdeep';

$username = jd
SELECT * FROM users WHERE username = 'jd';

$username = jagdeep' OR '1=1;
SELECT * FROM users WHERE username = 'jagdeep' OR '1=1';

$username = jagdeep'; DELETE FROM users;--;
sanitize
1. SELECT * FROM users WHERE username = 'jagdeep';
2. DELETE FROM users;
3. --';

 

Minimum protection:
$username = mysql_real_escape_string($_POST['username']);