What is SQL injection?

Question Posted / guest

2 Answers
6473 Views
I also Faced
E-Mail Answers

Answers were Sorted based on User's Feedback

What is SQL injection?..

Answer / p.ramakrishna

An SQL injection attack "injects" or manipulates SQL code
by adding unexpected SQL to a query.
Many web pages take parameters from web user, and make SQL
query to the database. Take for instance when a user login,
web page that user name and password and make SQL query to
the database to check if a user has valid name and password.
Username: ' or 1=1 ---
Password: [Empty]
This would execute the following query against the users
table:
select count(*) from users where userName='' or 1=1 --' and
userPass=''

Is This Answer Correct ?

5 Yes

1 No

What is SQL injection?..

Answer / sathya s.d.

using sql query in a login id and password and automaticaly
login by verifying raw query with database..

Is This Answer Correct ?

0 Yes

0 No

Post New Answer

More ASP.NET Interview Questions

Your manager has asked you to describe what you would use application variables for. What statement best describes the use of application variables? a) Application Variables are used to keep state for each connected user. b) Application Variables are used to keep state for the web site c) Application Variables are used to keep state for the application on the server d) Application Variables are used to keep state for all applications objects in the web site.

1 Answers Syntax Softtech,

Asp pages that worked pefectly on windows 2000 server and iis 5.0 do not work on windows 2003 server with iis 6.0. Asp.net pages work fine. Why?

0 Answers

Is redux flux?

0 Answers

“~” means in asp.net application?

4 Answers IBS,

Is it possible to change the index of primary key on table?

0 Answers

About delegates ?

7 Answers TCS,

IN an ASP.NET Web application if there is any error, how can you debug?