Suppose the website is written in PHP which disables multiple statements. If the query

Question

0

Asked: May 29, 20262026-05-29T22:43:08+00:00 2026-05-29T22:43:08+00:00

Suppose the website is written in PHP which disables multiple statements. If the query

0

Suppose the website is written in PHP which disables multiple statements. If the query looks like this:

Select id From TableX Where num = >userInput<

Is it impossible to Update or Delete record by SQL Injection? Is it possible to get the content from another table, like tableB, which may not be union-compatible?

Thanks in advance.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-29T22:43:11+00:00

Editorial Team

2026-05-29T22:43:11+00:00Added an answer on May 29, 2026 at 10:43 pm

userInput = -1 union select GetCharCode(SomeStringField, CharPosition) from SomeTable where SomeCondition, where GetCharCode returns the code of character in CharPosition of SomeStringField (you need to write some DB-specific code there) will help you to get the value of SomeStringField by looping through possible CharPositions, and thus bypass the problem of tableB not being “union-compatible”.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Suppose the website is written in PHP which disables multiple statements. If the query

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply