What is SQL injection?

SQL injection allows a hacker to inject malicious SQL statement by exploiting improperly sanitized queries. It is by far one of the most common attack vectors, and was used in several famous exploits. For example, let’s say we use user-submitted form data to check a user’s credentials: sqlQuery = ” SELECT * FROM users WHERE […]

The connection string to use with PHP, dblib and SQL Server

If you are trying to connect to an SQL Server database with the dblib drivers for PDO, this is the correct connection string to use: new PDO(‘dblib:host=’.$host.’;dbname=’.$database, $this->user, $this->password); You can also specify the encoding with charset=UTF-8 or charset=ISO-8859-1 if necessary. Be aware that dblib is incredibly buggy and that it does not support unicode […]

SQL Server: How to add a month to the current date

If you want to add a month to the current date in SQL Server, use the DATEADD function. In this example, we add 1 month to the current date by combining it with GETDATE(): DATEADD(mm,1,GETDATE()) In this second example, we add two months to a date from another column called other_column: DATEADD(mm,2,other_column) You can use […]

How to connect to another database in psql

If you are familiar with MySQL, you might have been looking for a use database_name; equivalent when accessing your database from the PostgreSQL shell. Use the following command to switch to another database: \c my_database_name

XAMPP for OS X: How to access MySQL from the command line

If you want to access XAMPP’s MySQL shell on Mac OS X, use the following command: /Applications/xampp/xamppfiles/bin/mysql -u root -p This gave me a few headaches in the past, so I’ll leave this here for others to find.

How to fix the “#1046: No database selected” error in phpMyAdmin

Here is a simple solution to the “#1046: No database selected” error when trying to import a .sql file in phpMyAdmin. Solution #1: Before importing In phpMyAdmin, click on the Export tab from the home page of phpMyAdmin, without selecting any database. phpMyAdmin will then include instructions to create and select the database when you […]