rgb192
asked on
php query string addition
At the end of php query string
I add
or 1=1
but the text is changed to
%20or%201=1
how can I add
or 1=1 to end of url
I saw sql injection tutorials but none make sense too theoretical
I add
or 1=1
but the text is changed to
%20or%201=1
how can I add
or 1=1 to end of url
I saw sql injection tutorials but none make sense too theoretical
That is correct for url encoding. You cannot have spaces in a query string. They have been replaced with %20 which is recognized as a space by the server when it receives the request.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
full %20 answer with code showed me complete answer
thanks
thanks
Thanks for the points. Just as an aside, sometimes the blank can be URL-encoded into the plus sign, too. So or 1 = 1 could look like or+1+=+1 and it would likely work correctly, too.