webcrab Posted June 14, 2020 Share Posted June 14, 2020 I was looking through this: https://www.w3schools.com/sql/sql_injection.asp and it says that ""="" in the WHERE part of any SQL statement evaluates to True. I don't understand why that happens, though, but I can get the same result set by providing an arbitrary integer instead of ""="". Can someone break this down for me please? Link to comment Share on other sites More sharing options...
webcrab Posted June 15, 2020 Author Share Posted June 15, 2020 Got it now. What "" = "" means is basically "an empty string to the left of the equals sign and the string to the right thereof are equal". Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now