أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.
SQL injection is a technique where malicious users can inject SQL commands into an SQL statements, via web page input.
Injected SQL commands can alter SQL statement and compromises the security of a web application.
It's always better to use stored procedures than inline query.