Re: 1' and '1' or '1

I diagree on point 1. If you warn your members that their password is insecure, and if you e-mail out passwords anyway, there's no reason not to have a secure password. Many people I know use an insecure password for many things, from silly required free registration sites (go ahead, break

1' and '1' or '1

Hi A user was able to log into my site using: 1' and '1' or '1 in the username and password box. I ran the query SELECT * FROM members WHERE name = '1' and '1' or '1' AND password = '1' and '1' or '1' And it returned all rows. Can someone explain to me why this happens, and if the steps I

RE: 1' and '1' or '1

The Innovation Hub - Hotel Street Lynnwood, Pretoria, 0087 The are 10 kinds of people, those who understand binary and those who don't -Original Message- From: Critters [mailto:[EMAIL PROTECTED] Sent: 10 May 2006 10:53 AM To: mysql@lists.mysql.com Subject: 1' and '1' or '1 Hi A user was able

Re: 1' and '1' or '1

Quoting Critters ([EMAIL PROTECTED]): SELECT * FROM members WHERE name = '1' and '1' or '1' AND password = '1' and '1' or '1' And it returned all rows. Can someone explain to me why this happens, and if the steps I took (replacing the ' with a blank space when the user submits the login

Re: 1' and '1' or '1

On Wednesday 10 May 2006 09:53, Critters wrote: Hi A user was able to log into my site using: 1' and '1' or '1 in the username and password box. I ran the query SELECT * FROM members WHERE name = '1' and '1' or '1' AND password = '1' and '1' or '1' And it returned all rows. Can someone

Re: 1' and '1' or '1

://www.databasedevelopmentforum.com Hi A user was able to log into my site using: 1' and '1' or '1 in the username and password box. I ran the query SELECT * FROM members WHERE name = '1' and '1' or '1' AND password = '1' and '1' or '1' And it returned all rows. Can someone explain to me why this happens

Re: 1' and '1' or '1

At 9:53 +0100 10/5/06, Critters wrote: A user was able to log into my site using: 1' and '1' or '1 in the username and password box. I ran the query SELECT * FROM members WHERE name = '1' and '1' or '1' AND password = '1' and '1' or '1' And it returned all rows. Interesting - I found just

Re: 1' and '1' or '1

for a brief explanation and several links to further info. http://en.wikipedia.org/wiki/SQL_injection /Johan Critters wrote: Hi A user was able to log into my site using: 1' and '1' or '1 in the username and password box. I ran the query SELECT * FROM members WHERE name = '1' and '1' or '1

Re: 1' and '1' or '1

Tahnks all for your responses (so many) I am reading up on it now -- Dave - Original Message - From: Johan Lundqvist [EMAIL PROTECTED] To: mysql@lists.mysql.com Sent: Wednesday, May 10, 2006 10:26 AM Subject: Re: 1' and '1' or '1 Hi Dave, 1st: Never, never, never store passwords

Re: Meaning of 1:1, 1:1 generalization, 1:n, 1:n non identifying, n:m

weird... about 1:! generalization and 1:m non identifying... I think that these examples can make it better to understand some of those terms... I am quoting from Database Systems -- Design, Implementation Management fouth edition by Rob Coronel (page 23) Conceptual Modules use three types

Meaning of 1:1, 1:1 generalization, 1:n, 1:n non identifying, n:m

Hi All, I've been taking a look at DB Designer 4, and looking through the documentation (http://www.fabforce.net/dbdesigner4/doc/index.html) I am a little unclear on some of their nomenclature: '1:1' - Ok, one to one. Got it. '1:1' generalization - Don't know this. Obviously different