18. SQL Injection Example
The previous video mentioned SQL Injection. The following is an optional reading about SQL Injection.
Let’s say you had an edit text field that allowed a user to type in an integer id to look up a pet. A friendly user might type “2” to search for the second pet in the database. With userInput set to “2”, you could build the selection string like this:
String selection = PetEntry._ID + " == " + userInput + ";";
Which in this case would be:
_ID == 2;
But if they were evil and knew how to use SQLite, they could type something like:
“1; DROP TABLE pets;”
Which if we used
String selection = PetEntry._ID + " == " + userInput + ";";
would make the final string:
_ID == 1; DROP TABLE pets;
The problem is that when the SELECT statement is called, the DROP TABLE statement, which was “injected” in there by the evil user, will also be called. Essentially, we let the user do something catastrophic to the pet database because we gave them a way to execute any SQL statements they want on the database.
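The sketch below is an added example, not code from the course: it replays the two inputs from this reading against an in-memory SQLite database, first with the concatenated string and then with the value bound to a `?` placeholder. It uses Python's sqlite3 module as a stand-in for the Android database API; the table layout, pet names and function names are assumptions made for the demonstration.

```python
import sqlite3

def make_db():
    """Build a constructed sample database with a pets table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pets (_id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO pets (name) VALUES (?)", [("Toto",), ("Binx",)])
    db.commit()
    return db

def table_exists(db):
    """Return True while the pets table is still present."""
    row = db.execute(
        "SELECT count(*) FROM sqlite_master WHERE type = 'table' AND name = 'pets'"
    ).fetchone()
    return row[0] == 1

def run_concatenated(db, user_input):
    """Vulnerable pattern: the input becomes part of the SQL text itself."""
    sql = "SELECT name FROM pets WHERE _id == " + user_input + ";"
    # executescript() runs every statement found in the text, which models
    # an execution path that accepts more than one statement.
    db.executescript(sql)
    return sql

def find_pet_bound(db, user_input):
    """Safer pattern: the SQL text is fixed and the input is bound as a value."""
    rows = db.execute("SELECT name FROM pets WHERE _id == ?", (user_input,))
    return [name for (name,) in rows]

if __name__ == "__main__":
    hostile = "1; DROP TABLE pets;"  # the input quoted in the reading

    db = make_db()
    print("bound, friendly input:", find_pet_bound(db, "2"))
    print("bound, hostile input: ", find_pet_bound(db, hostile))
    print("table still exists:   ", table_exists(db))

    print("concatenated SQL:     ", run_concatenated(db, hostile))
    print("table still exists:   ", table_exists(db))
```

With the placeholder, the hostile input is compared to `_id` as a single value, matches no row, and never reaches the SQL parser as a statement. On Android the equivalent is a selection ending in `=?` with the user's text passed separately in `selectionArgs`.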