Skip to main content
EURASIP Journal on Information Security

Table 1 Special characters used to compose SQL-injection code

From: A novel technique to prevent SQL injection and cross-site scripting attacks using Knuth-Morris-Pratt string match algorithm

S/N

Character

Description

1

‘

Character string indicator

2

-- or #

Single line comment

3

/*…*/

Multiple line comment

4

%

Wildcard attribute indicator

5

;

Query terminator

6

+ or ||

String concatenate

7

=

Assignment operator

8

>, <, <=, >=, ==, <> or ! =

Comparison operators

Back to article page