- Produces a relation/set of tuples
- Can be used to extract a single tuple
- e.g. SELECT bday, age FROM student WHERE fname='Tim' AND lname='Smith'
- Result = (13-05-80, 20)
- Argument quoting ('): string arguments are enclosed in single quotes, e.g. fname='Tim'
- SQL poisoning: if an argument is dropped between the quotes without escaping, a quote inside it ends the string and the rest of the argument is parsed as SQL (see below)
- Not NULL: NULL is a keyword and is written unquoted; 'NULL' is a four-character string
- Not numeric values: numeric arguments are written unquoted, e.g. age=20 rather than age='20'
- MySQL attribute quoting (`): attribute (column or table) names that collide with a reserved word are enclosed in backticks
- Hypothetical attribute `all`, all, and ALL: `all` in backticks names the attribute; unquoted all or ALL is parsed as the reserved word ALL, since keywords and identifiers are case-insensitive
SQL poisoning (more commonly called SQL injection) is a vulnerability exposed by inadequate escaping of the arguments/variables used to compose SQL queries: the query text and the user-supplied data are mixed into one string, so data containing a quote can change the structure of the query.
E.g. the Tim of the previous example could be supplied as Tim'; DELETE FROM student; SELECT * FROM student WHERE '1 so that the composed query becomes SELECT bday, age FROM student WHERE fname='Tim'; DELETE FROM student; SELECT * FROM student WHERE '1' AND lname='Smith'. The first quote in the payload closes the fname literal, the DELETE then empties the table, and the trailing SELECT absorbs the rest of the original WHERE clause so the whole string still parses. A payload of this form needs a database API that accepts several statements in one call (stacked queries); where the API refuses that, injection is still possible by rewriting the WHERE clause, e.g. lname supplied as x' OR '1'='1 returns every row. The fix is to pass arguments separately from the query text (parameterised/prepared statements) rather than to rely on escaping.
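The composed query above, run both ways, as an added example (not part of the original notes). It uses Python's sqlite3 module against a constructed in-memory student table; executescript stands in for a driver that accepts stacked statements, which is an assumption about the page's example rather than a property of any particular server. The `all` column is included only to show the backtick quoting of a reserved-word attribute mentioned in the list.

```python
import sqlite3

# Constructed sample data, not from the page. ALL is a reserved word in both
# MySQL and SQLite, so the attribute named `all` must be backtick-quoted.
SCHEMA = """
CREATE TABLE student (fname TEXT, lname TEXT, bday TEXT, age INTEGER, `all` INTEGER);
INSERT INTO student VALUES ('Tim', 'Smith', '13-05-80', 20, 1);
INSERT INTO student VALUES ('Ann', 'Jones', '01-02-81', 19, 0);
"""

# The page's payload, with the quote placed so the composed query parses.
STACKED_PAYLOAD = "Tim'; DELETE FROM student; SELECT * FROM student WHERE '1"
# A payload that needs no stacking: it turns the WHERE clause into a tautology.
TAUTOLOGY_PAYLOAD = "x' OR '1'='1"


def fresh_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def compose_query(fname, lname):
    """The page's query built the vulnerable way: arguments are dropped between
    single quotes with no escaping, so a quote inside them ends the literal."""
    return ("SELECT bday, age FROM student "
            f"WHERE fname='{fname}' AND lname='{lname}'")


def lookup_vulnerable(conn, fname, lname):
    """Single-statement execution of the composed string. sqlite3.execute()
    refuses stacked statements, but the tautology payload still works."""
    return conn.execute(compose_query(fname, lname)).fetchall()


def lookup_vulnerable_stacked(conn, fname, lname):
    """Same composition through executescript, which runs every ';'-separated
    statement (assumption: a stand-in for an API that allows stacked queries).
    Returns how many student rows remain afterwards."""
    conn.executescript(compose_query(fname, lname))
    return conn.execute("SELECT COUNT(*) FROM student").fetchone()[0]


def lookup_safe(conn, fname, lname):
    """Parameterised query: values travel separately from the SQL text, so a
    quote inside them is data, never syntax."""
    return conn.execute(
        "SELECT bday, age FROM student WHERE fname=? AND lname=?",
        (fname, lname),
    ).fetchall()


def count_reserved_column(conn):
    """Attribute quoting: `all` names the column; bare ALL would be the keyword."""
    return conn.execute("SELECT COUNT(*) FROM student WHERE `all` = 1").fetchone()[0]


def demo():
    """Runs each lookup on a fresh table and returns the observed results."""
    db = fresh_db()
    results = {
        "honest": lookup_vulnerable(db, "Tim", "Smith"),
        "tautology_rows": len(lookup_vulnerable(db, "Tim", TAUTOLOGY_PAYLOAD)),
        "safe_honest": lookup_safe(db, "Tim", "Smith"),
        "safe_tautology": lookup_safe(db, "Tim", TAUTOLOGY_PAYLOAD),
        "safe_stacked": lookup_safe(db, STACKED_PAYLOAD, "Smith"),
        "reserved": count_reserved_column(db),
    }
    # Stacked payload last: it empties the table.
    results["rows_after_stacked"] = lookup_vulnerable_stacked(db, STACKED_PAYLOAD, "Smith")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The honest lookup returns Tim's (bday, age) either way; the tautology payload makes the composed query return every row while the parameterised query returns nothing, and the stacked payload leaves zero rows behind. Note that a driver refusing stacked statements only blocks the DELETE variant, not the tautology, so it is not a substitute for parameterisation.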