Monday, February 16, 2009

SQL injection attack example

the attacker deliberately enters the username as admin'-- (the password field can hold anything), so the application's concatenated query becomes:

select * from user where username='admin'--' and password='piggytail';
-->
select * from user where username='admin'

because -- is treated as a comment/remark indicator: everything after it on that line, including the password check, is ignored, so the query returns the admin row without the password ever being compared
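Added example (not from the original post): the concatenated query above beside the parameterised version that closes the hole, run against a constructed in-memory SQLite table using the post's own table, column and password values.

```python
import sqlite3


def build_vulnerable_query(username: str, password: str) -> str:
    # String concatenation, exactly the pattern behind the query in the post:
    # user input is spliced into the SQL text, so quotes and -- become syntax.
    return (
        "select * from user where username='" + username
        + "' and password='" + password + "';"
    )


def make_db() -> sqlite3.Connection:
    # Constructed in-memory database with a single row, so this runs offline.
    conn = sqlite3.connect(":memory:")
    conn.execute("create table user (username text, password text)")
    conn.execute("insert into user values ('admin', 'piggytail')")
    return conn


def vulnerable_login(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # SQLite honours -- as a line comment, so admin'-- truncates the WHERE
    # clause to username='admin' and the password check is never evaluated.
    row = conn.execute(build_vulnerable_query(username, password)).fetchone()
    return row is not None


def safe_login(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Parameterised query: the driver passes the values separately from the
    # SQL text, so ' and -- in the input are plain data, never syntax.
    query = "select * from user where username=? and password=?"
    row = conn.execute(query, (username, password)).fetchone()
    return row is not None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, injected:", vulnerable_login(db, "admin'--", "wrong"))
    print("parameterised, injected:", safe_login(db, "admin'--", "wrong"))
```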
