sql injection for mySQL?
I've heard stories about SQL Injection for SQL Server...is there any for mySQL? I tried doing it, using the '#' as a comment sign, and it just gave me syntax errors...here is what i typed:
But, nothing works...
';" DROP TABLE Test #
So, just in case, if it finds these chars:
It will redirect them back, before it even checks the database...is that good solution? What could smart people do to get around that?
Have you read this thread?
...or this article? Great topic...