10.9. Database SQL Injection

10.9.1. Prepare query

Listing 10.15. Query with SQL injection possibility
SQL_QUERY = f"""

    SELECT id, username, email
    FROM users
    WHERE username='{username}' AND password='{password}'

"""

10.9.2. Get user input

username = input('Username: ')
# ' OR 1=1; DROP TABLE users --

password = input('Password: ')
# 123

10.9.3. Execute query

Listing 10.16. Exploited SQL injection, will Select all users and then Drop all data from table users
print(query)
# SELECT id, username, email
# FROM users
# WHERE username='' OR 1=1; DROP TABLE users -- ' AND password='132'
../../_images/sql-injection.jpg

Figure 10.5. SQL Injection