With the expansion of internet, the number of users is increasing at an unimaginable rate. The same could be said about the web applications. A large number of web applications are user driven and requires some sort of storage of data in the SQL database. The security of these databases has emerged as one of the primary concern for both the users and the developers. For the web applications using SQL database as their back-end server, the authors are going to present some of the vulnerabilities and methods to eliminate them by using PHP and HTML code.