Security vulnerabilities

Never trust user input.

The idea

The most common security vulnerability (OWASP Top 10) is Injection. It happens when an application takes untrusted data from a user (for example, a form field) and passes it straight to an interpreter (such as a SQL database) without validation or escaping.

If an attacker enters `' OR 1=1 --` into a login field, and the server blindly concatenates it into `"SELECT * FROM users WHERE user = '" + input + "'"`, the resulting query becomes `SELECT * FROM users WHERE user = '' OR 1=1 --'`. The `--` turns the rest of the line (including the closing quote) into a SQL comment, and since `1=1` is always true the WHERE clause matches every row, so the attacker logs in as the first user in the database!

Server-Side SQL Query (demo)

SELECT * FROM users WHERE email = 'admin@test.com'

Normal input works fine. But what if you type `' OR 1=1 --` instead?

How it works (Parameterized Queries)

# db is an open DB-API connection (e.g. Python's sqlite3) and
# user_input is the untrusted string taken from the form field.

# BAD: String Concatenation (SQL Injection)
# Input: "' OR 1=1 --"
# Result: "SELECT * FROM users WHERE email = '' OR 1=1 --'"
# The -- comments out the trailing quote and OR 1=1 matches every row.
db.execute("SELECT * FROM users WHERE email = '" + user_input + "'")


# GOOD: Parameterized Queries (Safe)
# The database treats the input strictly as a literal string value,
# NOT as executable SQL syntax. The ' OR 1=1 is harmless data.
# ? is the placeholder style of Python's sqlite3 module; other drivers
# use %s or :name, but the value is bound separately from the SQL text
# in the same way.
db.execute("SELECT * FROM users WHERE email = ?", (user_input,))
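To see both versions actually run, here is an added, self-contained example (not part of the original lesson) that builds an in-memory SQLite table with constructed sample users and sends the same input through the concatenated query and the parameterized query. It goes one step beyond the lesson: besides the `' OR 1=1 --` payload, it feeds in a perfectly legitimate address containing an apostrophe, which breaks the concatenated query but is handled correctly by the bound parameter. The table, column names and user records are assumptions made up for the demo.

```python
import sqlite3

# Constructed sample data for the demo; not taken from any real system.
USERS = [
    ("alice@example.com", "alice"),
    ("bob@example.com", "bob"),
    ("o'brien@example.com", "obrien"),  # legitimate value that contains a quote
]


def make_db():
    """Create an in-memory SQLite database holding the sample users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT, name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    db.commit()
    return db


def find_user_unsafe(db, user_input):
    """BAD: the lesson's vulnerable pattern; input becomes part of the SQL text."""
    query = "SELECT name FROM users WHERE email = '" + user_input + "'"
    try:
        return sorted(row[0] for row in db.execute(query))
    except sqlite3.OperationalError as exc:
        # A single apostrophe in ordinary data is enough to break the query.
        return ["<error: %s>" % exc]


def find_user_safe(db, user_input):
    """GOOD: the driver binds the value; it can never alter the query structure."""
    rows = db.execute("SELECT name FROM users WHERE email = ?", (user_input,))
    return sorted(row[0] for row in rows)


def compare(user_input):
    """Run both versions on a fresh database; returns (unsafe_result, safe_result)."""
    db = make_db()
    return find_user_unsafe(db, user_input), find_user_safe(db, user_input)


if __name__ == "__main__":
    for value in ["alice@example.com", "' OR 1=1 --", "o'brien@example.com"]:
        unsafe, safe = compare(value)
        print(f"{value!r:25} unsafe={unsafe}  safe={safe}")
```

With the payload, the concatenated query returns every user while the parameterized query returns nothing, because no row has the literal string `' OR 1=1 --` as its email. The apostrophe case shows the other half of the argument: escaping-by-hand is fragile for legitimate data too, whereas binding the value handles both cases without any special handling in application code.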