Found 'OR 1=1/* sql injection in my newsletter database

Question

I found the following in the \"e-mail\" field of my newsletter subscriber database: \' OR 1=1/*

I know it\'s a SQL injection, but that\'s it. I\'ve goog

Answer 1

Its better if you use validation code to the users input for making it restricted to use symbols and part of code in your input form. If you embeed php in html code your php code have to become on the top to make sure that it is not ignored as comment if a hacker edit the page and add /* in your html code