.
.

SQL Injection


injectionSQL is pronounced “SEE-quel.” It’s an acronym for “Structure Query Language” and it’s the syntax that’s used to interact with a SQL Database which is very common in the world of web design.

Years ago, something called “SQL Injection” became a problem because of the way it could be used to destroy whole databases. The way that it works is this:

Imagine you’re logging into a website. You’re going to enter your email address and your password, but instead of just entering your email address, you include a series of characters that tell the database to delete a bunch of information.  In other words, you’re including some SQL code along with your credentials that can erase an entire system.

There are safeguards in place to prevent that from happening, but when this practice was first introduced, it took a lot of organizations by surprise and a great deal of damage was done.

What makes it so lethal is the way that a sinister user can submit something that’s accurate – a valid email address and password – and simply include something toxic. On the surface, it’s not especially discernible and because what’s being submitted has the look and feel of something credible, a poison is introduced into the system that would otherwise be refused.

Life is like that sometimes.

You find yourself allowing things into your existence that are positively ruinous, but because it’s packaged as something innocent and even noble, it’s corrosive effect is willingly embraced.

In order to avoid such scenarios, you have to be discerning – you have to be able to distinguish the difference between what’s accurate and what’s true.

“Statistics”

“Experts”

“Compassion”

“Justice”

“Fear”

“Hate”

You’ve heard every one of those terms. And while they represent legitimate entities, sometimes they’re used as valid login credentials that have attached to them some SQL that’s designed to destroy your database.

SQL Injection.

So, how do you avoid it?

Pop the hood. Look inside those numbers. Just because someone has some credentials, does’t mean they’re unbiased. You don’t need to be suspicious or guarded, but you do need to be wise. God Himself says the same thing in 1 John:

Beloved, do not believe every spirit, but test the spirits to see whether they are from God, for many false prophets have gone out into the world. (1 Jn 4:4)

Don’t let somebody just login to your life. “Test the spirits” and guard against the SQL Injection that sinister characters would use to manipulate and even destroy your livelihood, your health, your family, your nation and even your soul.

Go get ‘em!




Leave a Reply