SQL injection is not the top "danger". Its CVE score is about 6-7.
Of course, it all depends on configuration, privileges, upgrades, etc.
But it is worth considering that the bulk of vulnerabilities like SQL injection are still not union-based errors; 80% are blind, which makes exploitation difficult, and if the admin isn't asleep at the wheel, you completely eliminate and fix it.
Getting the structure alone may take two days. Let's not forget about WAFs, Cloudflare, Incapsula.
Well, even in the case of the sleeping admin, let's say the privileged account records of the resource were obtained. Again, the question goes to the developer.. With md5/sha1 everything is clear, but with even an 8-character blowfish password, even a dictionary word, this factor usually just delays things, because observing the methods, minimum password policies and encryption can keep things secure for quite a long time (not excluding, of course, scheduled password changes).
Suppose the goal was to discredit the service, and the poor guy spent about a week working around the WAF and brute-forcing the administrator's hash. I hope php is configured properly and the mysql user has no privileges like DBA grants. But even in that case you can protect sensitive data, even with a complete dump of the database: encrypt the important data and store the key outside the database. This best practice is encountered rarely, usually only on huge resources that are "tasty" for attackers.
Yes, in principle an example of this is the standard for storing credit cards, if the admin wants to bother with it. Braintree and a bunch of other solutions, still with powerful monitoring and cool features.
In fact these are rather trivial steps given the specifics and load of the resource.
But still, the devil is not as terrible as he is painted) A talented hacker will always have one more attack vector than the applied means of protection and fixes. Don't forget about a few dozen vulnerabilities far more serious than injections. And understand that it's only a question of time. Sooner or later a loophole appears that the admin didn't take into account, or another 0day.. and all the work on defense is for nothing.
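The point made above about a full database dump still being useless without a key kept outside the database, as an added example that is not part of the original post: passwords are hashed with scrypt plus a pepper (the pepper here stands in for a secret held in an environment variable or key service, and the `APP_PEPPER` name and the demo value are assumptions), queries are parameterised, and a dump of the table cannot be verified against without the pepper.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed example: the pepper is a secret that never lands in the database.
# APP_PEPPER is an assumed variable name; the fallback is a demo value only.
PEPPER = os.environ.get("APP_PEPPER", "constructed-demo-pepper").encode()

SCRYPT_PARAMS = dict(n=2 ** 14, r=8, p=1, dklen=32)


def _prehash(password: str, pepper: bytes) -> bytes:
    # Bind the password to the out-of-database secret before the slow hash.
    return hmac.new(pepper, password.encode(), hashlib.sha256).digest()


def hash_password(password: str, pepper: bytes = PEPPER):
    """Return (salt, digest). Only these two values are stored in the database."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(_prehash(password, pepper), salt=salt, **SCRYPT_PARAMS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes, pepper: bytes = PEPPER) -> bool:
    candidate = hashlib.scrypt(_prehash(password, pepper), salt=salt, **SCRYPT_PARAMS)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def create_store() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, digest BLOB)")
    return db


def add_user(db: sqlite3.Connection, name: str, password: str) -> None:
    salt, digest = hash_password(password)
    # Parameterised statement: user input is never spliced into the SQL text.
    db.execute("INSERT INTO users VALUES (?, ?, ?)", (name, salt, digest))


def login(db: sqlite3.Connection, name: str, password: str) -> bool:
    row = db.execute("SELECT salt, digest FROM users WHERE name = ?", (name,)).fetchone()
    return row is not None and verify_password(password, row[0], row[1])


def verify_requires_pepper(db: sqlite3.Connection, name: str, password: str) -> bool:
    """True if the stored salt+digest alone (a table dump) cannot confirm the real password."""
    salt, digest = db.execute("SELECT salt, digest FROM users WHERE name = ?", (name,)).fetchone()
    return not verify_password(password, salt, digest, pepper=b"dump-without-the-secret")
```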