SQL

Definition

SQL (Structured Query Language) is a standardized programming language used for managing and manipulating relational databases. It allows users to perform various operations such as querying data, updating records, and managing database schemas. SQL is widely used in database management systems like MySQL, PostgreSQL, and Microsoft SQL Server, providing a powerful interface for interacting with structured data.

Secure Settings Example

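-- Using a parameterized query (MySQL prepared-statement syntax) to prevent SQL injection:
-- the value is bound to the ? placeholder and is never parsed as SQL text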
PREPARE stmt FROM 'SELECT * FROM users WHERE username = ?';
SET @username = 'exampleUser';
EXECUTE stmt USING @username;
DEALLOCATE PREPARE stmt;

Insecure Settings Example

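-- Concatenating user input directly into the SQL text, vulnerable to SQL injection
-- (written in the same MySQL session syntax as the secure example)
SET @username = 'exampleUser';
SET @query = CONCAT('SELECT * FROM users WHERE username = ''', @username, '''');
PREPARE stmt FROM @query;  -- the input is now part of the statement that gets parsed
EXECUTE stmt;
DEALLOCATE PREPARE stmt;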
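
The two patterns above, run side by side as an added example (not part of the original entry). It assumes Python's built-in sqlite3 module and an in-memory database instead of MySQL; the table contents, function names and input strings are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("exampleUser", "example@example.test"),
         ("o'brien", "obrien@example.test"),
         ("admin", "admin@example.test")],
    )
    return conn


def find_user_concat(conn, username):
    """Insecure pattern from the page: input is spliced into the SQL text."""
    query = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(query)]


def find_user_param(conn, username):
    """Secure pattern: the SQL text is fixed and the value is bound separately."""
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]


def compare(username):
    """Return (concat_result, param_result); a SQL error is reported as a string."""
    conn = make_db()
    try:
        concat = find_user_concat(conn, username)
    except sqlite3.Error as exc:
        concat = "error: " + type(exc).__name__
    param = find_user_param(conn, username)
    conn.close()
    return concat, param


if __name__ == "__main__":
    # Constructed inputs: a normal name, a name with a quote, a clause-altering string.
    for value in ["exampleUser", "o'brien", "x' OR '1'='1"]:
        print(repr(value), "->", compare(value))
```

With the concatenated query, a legitimate name containa quote breaks the statement and the third input matches every row; the bound parameter treats each input as a plain value in all three cases.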