SQL injection - GCSE Computer Science Definition

Reviewed by: Robert Hampton

SQL injection is a type of cyber attack where someone tries to mess with a website’s database by entering malicious code into a text form field or URL. Imagine you’re using a form on a website to enter your username and password. If the website isn’t protected properly, a hacker could sneak malicious code into those fields instead of the normal information, tricking the website into giving away private data like personal details or passwords. This happens because the website takes the input and uses it directly in database commands without checking it first. To stop SQL injections, programmers need to make sure their websites carefully check or "validate" anything that users input to keep the data safe and secure.
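The login form described above, as an added example that is not part of the original page: one function pastes the form input straight into the database command, the other validates it and passes it as data. The table, the accounts, the username rule and the crafted test input are all constructed for illustration, and the `?` placeholders (a parameterised query) are an extra protection beyond the validation the definition mentions.

```python
import re
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, email TEXT)")
    # Plain-text passwords keep the demo short; real systems store salted hashes.
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "correct-horse", "alice@example.com"),
        ("bob", "battery-staple", "bob@example.com"),
    ])
    return db

def login_unsafe(db, username, password):
    """Vulnerable: the form input becomes part of the SQL command itself."""
    sql = ("SELECT username, email FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchall()

# Assumed validation rule: usernames are 1-32 letters, digits or underscores.
USERNAME_RULE = re.compile(r"[A-Za-z0-9_]{1,32}")

def login_safe(db, username, password):
    """Hardened: validate the input, then pass it as data, never as SQL."""
    if not USERNAME_RULE.fullmatch(username):
        return []  # reject anything that does not look like a username
    sql = "SELECT username, email FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchall()

def demo():
    """Run a normal login and a crafted one through both functions."""
    db = make_db()
    crafted = "' OR '1'='1"  # constructed test input typed into the password box
    return {
        "unsafe_normal": login_unsafe(db, "alice", "correct-horse"),
        "unsafe_crafted": login_unsafe(db, "alice", crafted),
        "safe_normal": login_safe(db, "alice", "correct-horse"),
        "safe_crafted": login_safe(db, "alice", crafted),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the crafted input, the unsafe function returns every account's details, while the safe function returns nothing because the input is compared as a password rather than run as part of the command.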

Reviewer: Robert Hampton

Expertise: Computer Science Content Creator

Rob has over 16 years' experience teaching Computer Science and ICT at KS3 & GCSE levels. Rob has demonstrated strong leadership as Head of Department since 2012 and previously supported teacher development as a Specialist Leader of Education, empowering departments to excel in Computer Science. Beyond his tech expertise, Robert embraces the virtual world as an avid gamer, conquering digital battlefields when he's not coding.
