Why would someone use WHERE 1=1 AND <conditions> in a SQL clause?

Posted by Bogdan Maxim on Stack Overflow See other posts from Stack Overflow or by Bogdan Maxim
Published on 2008-10-28T10:37:04Z Indexed on 2010/05/24 17:31 UTC
Read the original article Hit count: 200

Filed under:
|

Why would someone use WHERE 1=1 AND <conditions> in a SQL clause (Either SQL obtained through concatenated strings, either view definition)

I've seen somewhere that this would be used to protect against SQL Injection, but it seems very weird.

If there is injection WHERE 1 = 1 AND injected OR 1=1 would have the same result as injected OR 1=1.

Later edit: What about the usage in a view definition?

© Stack Overflow or respective owner

Related posts about sql

Related posts about dynamic-sql