My logs shows that we have tried with a SQL Injection attempt, but our engine has detected and avoided it but I am just curious, what are these SQL statements are intending to achieve?
SELECT * FROM lecturer WHERE recID='25 ' and exists (select * from sysobjects) and ''='' ORDER BY EntryDate DESC and SELECT * FROM lecturer WHERE recID='25' and char(124)+user+char(124)=0 and '%'='' ORDER BY EntryDate DESC If these were let in, what would have happened? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/mysql
