How Sql statements work?
I'm trying to test SQL injection on a site (PHP, uses MySQL Database). When I put an apostrophe in the username field and leave the password box blank, after submitting, the form reloads and the fields become empty again. But when I used an apostrophe in the password field, the message says "Invalid Username/password".
What does that indicate? And if I put admin' as username (don't add comments) and in the password field, write ;Drop Table users; (don't add comment) are my comments gonna work?
RELATED QUESTIONS
RELATED TOPICS
ABOUT ANSWERBAG
Answerbag wants to provide a service to people looking for answers and a good conversation. Ask away and we will do our best to answer or find someone who can.We try to vet our answers to get you the most acurate answers.
Copyright 2023, Wired Ivy, LLC