Before embarking on a discussion on how to code with a security mindset, consider some of the common techniques hackers use to try and breach a website.
One of the most common forms of attack is SQL injection. Many websites rely on a database to store information for the site and for user authentication. An injection attack tries to modify SQL code that is sent to the database in order to manipulate the site or circumvent user authentication. It works through HTML forms, in which data is entered by users, or in this case by an attacker.