SQL INJECTION Mariadb/Mysql




In this video you will see how a SQL injection is done, which shows why characters must be validated in queries.
Example:

SELECT * FROM users WHERE name = 'usuario' or '1' = '1' AND password = 'usuario' or '1' = '1';

Check whether characters are escaped. CORRECT

Remember that the query requires two true conditions.

1 = 1 is always true .-.
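
An added example (not from the original video or post) that runs the query above through a login check built by string concatenation and through a parameterized one. It uses Python's sqlite3 as a stand-in for MariaDB/MySQL; the table contents and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data; in-memory SQLite stands in for MariaDB/MySQL.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "S3cret!"), ("alice", "hunter2")],
    )
    return db


def login_vulnerable(db, name, password):
    # The input is pasted into the SQL text, so a quote inside it closes the
    # string literal and the rest of the input is parsed as SQL.
    sql = (
        "SELECT name FROM users WHERE name = '%s' AND password = '%s'"
        % (name, password)
    )
    return sql, db.execute(sql).fetchall()


def login_safe(db, name, password):
    # Placeholders keep the values out of the SQL text: the input is only
    # ever compared as data, quotes included.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    value = "usuario' or '1' = '1"  # the input from the query shown above
    sql, rows = login_vulnerable(db, value, value)
    # AND binds tighter than OR, so the trailing "or '1' = '1'" alone makes
    # the WHERE clause true for every row in the table.
    print(sql)
    print("concatenated query matched:", rows)
    print("parameterized query matched:", login_safe(db, value, value))
    print("valid credentials matched:", login_safe(db, "alice", "hunter2"))
```

The same placeholder approach applies to MariaDB/MySQL client libraries through their prepared-statement interfaces.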

link: https://demo.testfire.net/index.jsp