[Show abstract][Hide abstract] ABSTRACT: Database driven web application are threaten by SQL Injection Attacks (SQLIAs) because this type of attack can compromise confidentiality and integrity of information in databases. Actually, an attacker intrudes to the web application database and consequently, access to data. For stopping this type of attack different approaches have been proposed by researchers but they are not enough because most of implemented approaches cannot stop all type of attacks. In this paper all type of SQL injection attack and also different techniques which can detect or prevent them are presented. Finally we evaluate these approaches against all types of SQL injection attacks.