SQL Injection demo
[CG]Nick
Aside code editor demo
This playground has the same content as the one on the previous page. It only demonstrates how a course presents code in an aside panel.
// {
var express = require('express');
var bodyParser = require('body-parser');
var sqlite3 = require('sqlite3').verbose();
// Demo server wiring: an Express app, form-body parsing, and a throwaway SQLite database.
var app = express();

// NOTE(review): the static root is the process working directory, so every file in it
// is served over HTTP, presumably including this server script. Confirm the layout;
// outside a demo, a dedicated public directory keeps server code out of reach.
app.use(express.static('.'));

// Decode application/x-www-form-urlencoded bodies so posted form fields land on req.body.
app.use(bodyParser.urlencoded({ extended: true }));

// ':memory:' keeps the database in RAM only: it is rebuilt on every start and never persisted.
var db = new sqlite3.Database(':memory:');

// serialize() queues the statements to run one after another, so the table
// exists before the seed row is inserted.
db.serialize(() => {
  const setupStatements = [
    "CREATE TABLE user (username TEXT, password TEXT, name TEXT)",
    // The single seeded account keeps its password as plaintext in a TEXT column.
    // That is tolerable only for a throwaway demo; real credential stores hold a
    // salted password hash instead.
    "INSERT INTO user VALUES ('admin', 'admin123', 'App Administrator')",
  ];
  setupStatements.forEach((statement) => {
    db.run(statement);
  });
});
// }
app.post('/login', function (req, res) {
var username = req.body.username; // a valid username is admin
var password = req.body.password; // a valid password is admin123
var query = "SELECT name FROM user where username = '" + username + "' and password = '" + password + "'";
console.log("username: " + username);
console.log("password: " + password);
console.log('query: ' + query);
db.get(query , function(err, row) {
if(err) {
console.log('ERROR', err);
res.redirect("/index.html#error");
} else if (!row) {
node app.js &
<!DOCTYPE html>
form {