You are viewing a single comment's thread.

view the rest of the comments →

0
1

[–] Naked_Dave 0 points 1 points (+1|-0) ago  (edited ago)

Newb here, So I'm kind of getting this, you're closing the string with ";)", and then "drop table users" is something server related, maybe SQL? What's the "--"?

0
2

[–] NassTee 0 points 2 points (+2|-0) ago 

The -- makes anything after it into a comment which is ignored by the database. This prevents the remainder of the original command from making the whole thing invalid.

0
1

[–] Naked_Dave 0 points 1 points (+1|-0) ago 

Gotcha, so I guess it's a dev's job to account for such input. Security and hacking seem very interesting but it seems to me you need to have a lot more knowledge of CS than what it takes to do basic QA and programming.

0
1

[–] fedevela [S] 0 points 1 points (+1|-0) ago 

Basic SQL injection

0
0

[–] Naked_Dave 0 points 0 points (+0|-0) ago 

Yeah, that's what I gathered from a basic search. I don't have that much familiarity with SQL and databases but plan to learn about it soon.