Is this query vulnerable to sql injection?
Posted
by user294924
on Stack Overflow
See other posts from Stack Overflow
or by user294924
Published on 2010-03-16T16:24:11Z
Indexed on
2010/03/16
16:41 UTC
Read the original article
Hit count: 423
$myq = sprintf("select user from table where user='%s'", $_POST["user"]);
I would like to know if the above query can be exploited using SQL injection. Is there any advanced SQL injection technique that could break sprintf
for this particular query?
© Stack Overflow or respective owner