If websites handle input fields like login forms the wrong way, we can use them to inject SQL.

Let's give that a shot!

Swee-heet! This input will change the query and lead to, well, unintended results for the website.

Safe! This input is legitimate and will not exploit the form.