Monday, 19 November 2018

sql server - What does -- ' mean in MySQL injection?

I am studying MySQL injection.

To complete the query command, injection code uses -- '.

In mysql cmd, '' -- ' works.

But '' --' does not work. It waits for '.

Why does '' -- ' work?


Answer



All these things have absolutely nothing to do with "injections".
That's SQL syntax.

-- means comment

As was pointed out in the comments, a space is necessary after the two dashes (in MySQL, though. In Postgres, AFAIK, no space is required, which is a source of some unwanted behavior, like decrementing a field with a negative value, foo = foo --1).
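The comment rule described in the answer, as an added example that is not part of the original post. It scans the three inputs from this page and shows why '' -- ' is complete while '' --' leaves a string open. The function name scan and the require_space flag are hypothetical, and the scanner is a simplified model that handles only "--" comments and quoted strings, not # or /* */ comments.

```python
def scan(sql, require_space=True):
    """Strip "--" comments from sql; return (remaining_text, open_quote).

    require_space=True models the MySQL rule: "--" starts a comment only when
    followed by whitespace or a control character. False models dialects in
    which "--" alone starts a comment. open_quote is the quote character of
    a string literal left unterminated, or None.
    """
    out, quote, i, n = [], None, 0, len(sql)
    while i < n:
        ch = sql[i]
        if quote:                                   # inside a string literal
            out.append(ch)
            if ch == "\\" and i + 1 < n:            # backslash escape
                out.append(sql[i + 1])
                i += 2
                continue
            if ch == quote:
                if i + 1 < n and sql[i + 1] == quote:   # '' is a literal quote
                    out.append(quote)
                    i += 2
                    continue
                quote = None                        # literal closed
            i += 1
            continue
        if ch in ("'", '"'):
            quote = ch
        elif sql.startswith("--", i):
            nxt = sql[i + 2] if i + 2 < n else "\n"
            if not require_space or nxt.isspace() or ord(nxt) < 32:
                end = sql.find("\n", i)             # comment runs to end of line
                i = n if end == -1 else end
                continue
        out.append(ch)
        i += 1
    return "".join(out), quote


if __name__ == "__main__":
    # Constructed inputs taken from the question and the answer above.
    for text in ("'' -- '", "'' --'", "foo = foo --1"):
        for mysql_rule in (True, False):
            print(repr(text), "space required:", mysql_rule, "->", scan(text, mysql_rule))
```

A non-None second value is the state in which the mysql client keeps prompting for the closing quote.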

