In s SQL statement-based portal, an attacker could provide a different entry that the system would recognize as valid — for example, username “1=1,” which the system would incorrectly read as “true” ...