Look at the following SQL query.
SELECT * FROM product WHERE PCategory='computers' or 1=1--'
What will it return?
Select the best answer.
A. All computers and all 1's
B. All computers
C. All computers and everything else
D. Everything except computers
Explanation:
The 1=1 condition tells the SQL database to return everything; a simplified statement would be SELECT * FROM product WHERE 1=1 (which is always true for every row). Thus, this query will return all computers and everything else. Appending or 1=1 is a common test to see if a web application is vulnerable to SQL injection.