Welcome to this journey of understanding the famous vulnerability known as SQL Injection. Together we’ll start with the basics and explore it step by step.
What’s a Web Application
Before going further, let’s first describe what a web application is. A web application is an application that is accessed from a web browser, where the web browser is responsible for rendering the result coming from a web server.
Let’s take a simple example: this blog, running on the WordPress CMS. You’re reading this article from a web browser (Google Chrome, Firefox, Internet Explorer…) installed on your computer. The article is stored somewhere on a database server, alongside an HTTP server that executes a server-side scripting language.
What I describe here are the combined parts that form a web app: the presentation part, which shows the result (a web browser); the logic part (a server-side programming language, in this case PHP); and finally the database or storage part (MySQL, SQL, Oracle…).