Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.fsmpi.rwth-aachen.de!newsfeed.straub-nv.de!eternal-september.org!feeder.eternal-september.org!mx02.eternal-september.org!.POSTED!not-for-mail
From: "Tony Johansson" <johansson.andersson@telia.com>
Newsgroups: comp.databases.ms-sqlserver
Subject: Re: SQl -injection
Date: Thu, 29 Jan 2015 11:03:22 +0100
Organization: A noiseless patient Spider
Lines: 39
Message-ID: <mad0gl$bf8$1@dont-email.me>
References: <maai3j$iu8$1@dont-email.me> <maaotr$e36$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; format=flowed; charset="Windows-1252"; reply-type=response
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 29 Jan 2015 10:03:01 +0000 (UTC)
Injection-Info: mx02.eternal-september.org; posting-host="8fdc2b5af81c338deb7045fc6c39b0e2"; logging-data="11752"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18l/0MMBEPd6kJPua7Pf+8G"
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6002.18463
In-Reply-To: <maaotr$e36$1@dont-email.me>
X-Newsreader: Microsoft Windows Mail 6.0.6002.18197
Cancel-Lock: sha1:bQ4VqYbPFsTKoJJfrEkAnnX/4o4=
X-Priority: 3
X-MSMail-Priority: Normal
Xref: csiph.com comp.databases.ms-sqlserver:1867

Yes I can understant why it fetches alla the rows now.
Many thanks.

//Tony

"Lennart Jonsson" <erik.lennart.jonsson@gmail.com> skrev i meddelandet 
news:maaotr$e36$1@dont-email.me...
> On 2015-01-28 12:45, Tony Johansson wrote:
>> In the form there is a text field for name
>>
>> This query is meant to be used like his
>> select Namn, Adress, Telefonnummer
>> from Abonnent
>> where Namn = 'Olle Karlsson'      //This name is fetched from the text
>> field name in the form
>> and hemligtNummer = false;
>>
>> If now the user enter some strange character in the text field in the
>> form like this
>> select Namn, Adress, Telefonnummer
>> from Abonnent
>> where Namn = 'Olle Karlsson' or 'a'='a' or 'a'='a'
>> and hemligtNummer = false;
>>
>> I don't understand how the second query can result that all rows will be
>> fetched
>>
>
> The where clause evaluates to
>
>     where Namn = 'Olle Karlsson'
>        or 'a'='a'
>        or ('a'='a' and hemligtNummer = false);
>
>
> /Lennart
>
>