[driftson]

SQL* injection, idiotic that one cant edit thread names.


Stuck here, i need to inject this maliciously, eg. drop table String query = ("SELECT * FROM book WHERE book_id=" + book_id + ";"); the database tables are loan, book and user

 

[aidden]

You mean sql injection?

 

[driftson]

You mean sql injection?

yes, im doing a project in college and my bitch teacher ( which didnt attend 50% of lectures and didnt provide any notes what so ever ) wants me to inject the database but it just wont work.

 

[wet rag]

Scan with HaviJ?

 

[driftson]

[Java] public Book getBookById(String book_id) { //<editor-fold defaultstate=" - Pastebin.com basically is there any way to inject this, because i tried a lot ways like 5; drop table loan or 5; delete from loan where loan_id = 1, 5; drop table loan; select * from book where book_id = 5 and i cant find any examples on the net because everyone doesnt want their shit injected...