I use SQL tab in phpMyAdmin to test statements, but some queries does not work, like, USE query; But, for example, after running USE statement and then using USE DATABASE() to check, null value returned.
USE dbname;
USE dbname
USE `dbname`;
I want to be able to run SQL statements on specific database; and this is possible after selecting (after using USE statement) database. I can click on the database name on the left sidebar and then run SQL statements, I know; But why is not possible to use "USE" statement to select database directly?
The USE statement doesn't return anything. This is why you are seeing null. It is functioning correctly.
USE sets the connection to use the database in the statement for future statements.
Related
I have a file that runs a SQL query:
SELECT * FROM items WHERE name LIKE "%<String Passed to It>%"
I am trying to test for basic web security here. How can I break this query to drop the items table, without using spaces or semi-colons
Try setting the value of the to be:
'\gDROP TABLE items\g--
You will need to escape that apostrophe.
Making you're query look like this:
SELECT * FROM items WHERE name LIKE '%'\gDROP TABLE items\g--%'
In mySQL \g is equivalent to a semi-colon. However, I'm not sure if spacing is required as I do not currently have a local installation of mySQL set up, and I do not know exactly what language and framework you're using to execute that query.
However, the other comments are right that using a prepared statement and parameters rather than building the SQL string in code is the way to go in trying to prevent SQL Injection attacks.
See here
Is there any way in mysql to determine of a sql statement is valid before executing it? (In other word rather than execute the stamens and deal with errors I simply want to know if it is a valid statement)
I notice in Mysql workbench that then I type a query it checks it for validity, so I assume there is a way to do that?
In essence I am trying to "precheck" the sql at runtime to see if it is even valid with actually executing it.
Perhaps using the NOEXEC statement?
You can use something called 'SQL Fiddle', you have to build a schema first and then start running your sql queries, see link below:
http://sqlfiddle.com/
I managed to connect to MySQL DB via Sql Developer following this guide. MySQL DB shows and I can expolre tables via the navigator. However, I could not run SELECT statement to show any of these tables. In MySQL workbench I used to use :
use [database_name]
Then, run select statement in that database. But in Sql developer, I am not sure what should I add to the statement to make it work. I have tried the following:
select *
from [table_name].[database_name];
It does not work. I found this tutorial, but nothing is mentioned about simple select statement. Any help is deeply appreciated.
AFAIK, except MySQL specific commands; all other standard SQL commands like SELECT,INSERT,UPDATE,DELETE should work just fine using SQL Developer. but per your posted query, it looks total strange.
Your query
select * from [table_name]#[database_name];
remove that # sign.
you should qualify like database_name.table_name.
Unless it's a typo, remove those [] as well from your query
statement.
Your query should look like
select * from database_name.table_name;
You can always write your SQL including database as well, in the form of:
database.tablename
such as:
select * from wordpressdb.usertable where username="someone"
All of the examples I've found show how to use query by sql statement, as: 'connection.query("select * from my_table",...)', but I want to do it without sql statement, but with store procedure.
I found something about 'db-mysql' that supplies this option but I didn't success installing it.
I don't want to use sql statement in my code.
I want to select, update etc. by stored procedures in my mysqldatabase (like C#).
How can I do it?
Checkout http://sequelizejs.com/ it is a node compatible orm which allows you to easily interface with sql without needing to use sql statements.
Before I begin, I realize that what I'm attempting is bizarre and hackish. It's just for an isolated pen test, specifically SQL Injection.
What I need to do is write a SQL statement that behaves differently when executing on a MySQL database than it does when executing on a SQL Server Database.
Edit
The limitation of the Query I can build is that I can only change what's after the "WHERE id =" clause. I can't affect any other part of the query. Specifically, I need to be able to attach a " UNION SELECT * FROM some_other_table" that only gets executed by the SQL server to the end of my input.
This obviously would blow up MySQL because it doesn't have the tables I'm unioning.
Specifically:
SELECT * FROM USERS
WHERE id = My input -> (MySQL code: 'x' or 1=1 )
(MSSQL code 'x' or 1=1 UNION SELECT * FROM table)
The problem is, if either statement gets executed by the database it wasn't meant for, it blows up (and not in the way I need it to).
This lead to my discovery of Conditional/Executable Comments in MySQL.
SELECT * FROM USERS
WHERE id = /*! This will be executed but only by mysql */
That's great but I still can't prevent MySQL from executing MSSQL! I can only stop MSSQL from executing MySQL code.
My initial idea was to have a comment inside the MySQL conditional like:
SELECT * FROM USERS
WHERE id = /*! 4 or 1=1 --*/ MSSQL code that is ignored by mysql
But this throws an error saying to check my syntax at a line with nothing on it near ''.
I don't fully understand why this doesn't work but I know doesn't work with any form of MySQL comment I know of (Tried #, /*).
Is there a way to get my strange SQL statement to work? Or is there a way to do a conditional comment in MSSQL? I really just need MySQL to ignore anything after it's conditional but I have no idea how to make that happen without comments.
I'm not sure if this is what you need, but if I understand correctly you want one SQL statement that returns different results on MySQL vs. SQL Server (if that's what "behaves differently" means?). If so, one place to start would be using a system function that has the same name and syntax but different behaviour, such as SUBSTRING():
select substring('test', -1, 1)
On SQL Server that returns an empty string, but on MySQL it returns t. I don't know if using SUBSTRING() is viable in your case, but if not you may be able to find another function that's easier to use in your query.
If this doesn't help at all then I suggest you provide some more details about what limitations you have in building your query.