SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.
There is no such thing as 'MySQL Injection,' the common term is 'SQL Injection'. You are saying it as if the threat targets MySQL specifically. You must understand that SQL and MySQL are two different things.
SQL infusion is a code infusion strategy that may devastate your database.
SQL infusion is a standout amongst the most widely recognized web hacking methods.
SQL infusion is the position of vindictive code in SQL articulations, through site page input.
SQL in Web Pages
SQL infusion more often than not happens when you approach a client for info, similar to their username/userid, and rather than a name/id, the client gives you a SQL proclamation that you will unwittingly keep running on your database.
Take a gander at the accompanying precedent which makes a SELECT explanation by including a variable (txtUserId) to a select string. The variable is gotten from client input (getRequestString):
txtUserId = getRequestString("UserId");
txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;
yes of course it is possible if you didn't check for the type of the input
php has special functions that prerpare an sql query to be executed then you bind the parameters to the query .. check for PHP prepared statements
Obviously you have to put the speech marks inside the Quantum power level experimental thruster, this will = a+b+dinosaur which then also equal to = trigonometry of a circle which equals πxrxr = radius, see its simple.