Hazards
SQL Injection
It's an often used way to attack the security of a badly designed web site or application by entering SQL statements in a form or input field. Thus allows unprivileged access to data or cause errors in the database.
Checking User Input in SQL Statements