These apps were developed to demonstrate SQL injection vulnerabilities and the safeguards against them. Each app presents a storefront to the user and retrieves data from a MySQL server.
- vulnerable_app.php - The app that is prone to SQL injection attacks. The usernames and passwords in the file must be replaced with your own before reuse.
- protected_app.php - The app that is protected against SQL injection attacks by using prepared statements.
- test.sql - A list of possible queries to expose the database.
Keep in mind that an extra space is necessary after the ending two dashes in each query: MySQL treats `--` as the start of a comment only when it is followed by whitespace.
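
The difference between the two apps, as an added example that is not code from this repository: the same lookup written with string concatenation and with a prepared statement, run against a constructed input that ends in two dashes and a space. It assumes PDO with the pdo_sqlite driver as an in-memory stand-in for the MySQL server, and a hypothetical `products` table with constructed rows.

```php
<?php
// Added example, not the repository's code. Assumptions: PDO with the
// pdo_sqlite driver (in-memory stand-in for the MySQL server) and a
// hypothetical `products` table holding constructed rows.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, hidden INTEGER)');
$pdo->exec("INSERT INTO products (name, hidden) VALUES
            ('widget', 0), ('gadget', 0), ('unreleased', 1)");

// Vulnerable pattern: user input is concatenated into the SQL text,
// so a quote in the input changes the structure of the statement.
function search_vulnerable(PDO $pdo, string $name): array
{
    $sql = "SELECT name FROM products WHERE name = '" . $name . "' AND hidden = 0";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Protected pattern: the SQL text is fixed and the input is bound as a
// value, so it can only ever be compared against the name column.
function search_protected(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT name FROM products WHERE name = :name AND hidden = 0');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: an ordinary product name, and a value that closes
// the string literal, adds a condition and comments out the rest of the
// statement (note the space after the two dashes).
$inputs = ['widget', "' OR 1=1 -- "];

foreach ($inputs as $value) {
    printf(
        "%-16s vulnerable=%s protected=%s\n",
        json_encode($value),
        json_encode(search_vulnerable($pdo, $value)),
        json_encode(search_protected($pdo, $value))
    );
}
```

For the ordinary name both functions return the same row; for the second input the concatenated query drops the `hidden = 0` filter and returns every row, while the prepared statement matches nothing.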