SQL Injection AttacksImplement two different web sites having login pages with the following difference:$1.$In the first one, SQLi attacks should be possible$\mathrm{.}2.$In the second one, prevent SQLi attacks with parameterized query insertion.$$Loading$1.$ Details of the first Web siteCreate a simple Web application having two pages:The first page will be a user authentication page requiring correct user ID and password.If the user Id and password are entered correctly $($or if user is a registered user$),$ then he will be able to see the second page. $$Second page will include sensitive data $($you will decide the content of the page$).$You add other pages if required $($for example, user registration$/$sign in page$)\mathrm{.}1.$ Details of the first Web siteInstall a Web server and a DBMS $($For example, XAMPP$)$Create a database and a user table for authentication.User password should be stored as a hash value $($You can use MD$5,$ for example$).$For server side programming, you can use PHP or any other language.A browser should be used to connect to your application.$$LoadingYou will develop such a systemUser should be able to write the fields of the SQL query on forms$/$textbox$.$ The content of the textbox should be used to build SQL queries as follows:uName $=$ getRequestString$("$username$")$;uPass $=$ getRequestString$("$userpassword$")$;sql $=$ 'SELECT $*$ FROM Users WHERE Name $="\text{'}+$ uName $+\text{'}"$ AND Pass $="\text{'}+$ uPass $+\text{'}"\text{'}$On the server side:$-$Build SQL query using sent form$-$Execute SQL query$-$If SQL returns the specified user, then accept user for login and see the second page$\mathrm{.}1.$ Details of the first Web siteModify your first Web app to prevent SQLi attacks.You are expected to prevent SQLi attacks with parameterized query insertion.$2.$ Details of the second Web site$2.$ Details of the second Web siteSQL parameters are values that are added to an SQL query at execution time, in a controlled manner.

$10$:$00$

$72$

All iCloud

User should be able to write the fields of the SQL query on forms$/$textbox$.$ The content of the textbox should be used to build SQL queries as follows:

Username:

John Doe

Password:

uName $=$ getRequestString $("$username$")$;

uPass $=$ getRequestString$("$userpassword$")$;

$sql=$ 'SELECT $*$ FROM Users WHERE Name $=\text{'}$

$+$uName$+\text{'}$ AND Pass $=\text{'}+$uPass$+\text{'}\text{'}$

On the server side:

$-$Build SQL query using sent form

$-$Execute SQL query

$-$If SQL returns the specified user, then accept user for login and see the second page.

Details of the first

Web site

$0-$

o$-$

$$

$($A$)$