Now a days we are using the web applications, but the application code is not secured so there is existence of the SQL injection attacks. In web applications with the help of the internet explorer the user tries to access the information. But most of the web applications are affected by the SQL-injection attacks.
Our main aim of the research is to find the method which is able to detect and prevent our web applications from the SQL Injection attacks .In our approach firstly we check the length of the original SQL Query and store its length value. If there is another Query which is used for SQL-Injection attacks, then we too check the length of this SQL Query and stores its value. If the length of both the queries is same then the second Query is not the SQL-Injection Query, else the other Query is SQL-injection Query. If there is SQL-Injection attack then we don’t allow attacker to access the database by giving the access deny or by giving the error message.