Forums before death by AOL, social media and spammers... "We can't have nice things"
| comp.databases.ms-sqlserver | Notorious Rube Goldberg contraption | 19,505 messages |
[ << oldest | < older | list | newer > | newest >> ]
| Message 19,144 of 19,505 |
| Lennart Jonsson to Tony Johansson |
| Re: SQl -injection |
| 28 Jan 15 14:41:48 |
From: erik.lennart.jonsson@gmail.com
On 2015-01-28 12:45, Tony Johansson wrote:
> In the form there is a text field for name
>
> This query is meant to be used like his
> select Namn, Adress, Telefonnummer
> from Abonnent
> where Namn = 'Olle Karlsson' //This name is fetched from the text
> field name in the form
> and hemligtNummer = false;
>
> If now the user enter some strange character in the text field in the
> form like this
> select Namn, Adress, Telefonnummer
> from Abonnent
> where Namn = 'Olle Karlsson' or 'a'='a' or 'a'='a'
> and hemligtNummer = false;
>
> I don't understand how the second query can result that all rows will be
> fetched
>
The where clause evaluates to
where Namn = 'Olle Karlsson'
or 'a'='a'
or ('a'='a' and hemligtNummer = false);
/Lennart
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
(c) 1994, bbs@darkrealms.ca