Skip to main content

Table 1 Special characters used to compose SQL-injection code

From: A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm

S/N Character Description
1 Character string indicator
2 -- or # Single line comment
3 /*…*/ Multiple line comment
4 % Wildcard attribute indicator
5 ; Query terminator
6 + or || String concatenate
7 = Assignment operator
8 >, <, <=, >=, ==, <> or ! = Comparison operators