takn25 Posted March 19, 2011 Share Posted March 19, 2011 Hi I havent used mysql_real_escape_string currently. I am trying to login with the SQL injection trick username = ' ' OR 1 password = ' ' OR 1 It doesnt seem to do anything could some one tell me what can I enter to login with out entering valid details from my database. I want to learn this so i can prevent and test if everything is going as planned. Link to comment https://forums.phpfreaks.com/topic/231127-i-tried-testing-for-sql-injection/ Share on other sites More sharing options...
The Little Guy Posted March 19, 2011 Share Posted March 19, 2011 Try this for the user name and password: ' or 1=1-- Link to comment https://forums.phpfreaks.com/topic/231127-i-tried-testing-for-sql-injection/#findComment-1189670 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.