Sql injection is an attack in which malicious SQL Statements are injected into a SQL database to gain stuff like sensitive information,modify databases,and potentially even get a shell.They are very easy to avoid though but stilll happpen a lot.
SELECT → Retrivies data from a table for us
INSERT → Adds data to a table
DELETE → Removes data from a data table
UPDATE → Modifies data in a table
DROP → Delete a whole table
UNION → Combines data from multiple queries
WHERE → Filters records based on spefic conditions
AND/OR/NOT → Filter records based on multiple conditions
ORDER BY → Sorts records in ascending /descending order.
Example Statements →
SELECT * FROM Users; #Selects everything from a user table for us basically.
SELECT UserID UserName From Users; # Selects every Userid ,username from the table.
SELECT * FROM Users WHERE Country='RU'; # Selects everyone whose country is RU in the Table
SELECT * FROM Users WHERE Country="US"AND UserName='Frank'; #Selects a user whose name is Frank and is from the US.