25 Jun 10 MySQL – Find Duplicates Only

Within MySQL, we may want to select duplicate records, instead of just selecting unique records. Assuming a table name of ‘table’ and the field to check on being ‘field’;

To select UNIQUE rows only:
SELECT DISTINCT field FROM table;

To select DUPLICATE rows only:
SELECT field FROM table GROUP BY field HAVING ( COUNT(field) = 2 )

To select DUPLICATE, TRIPLICATE or more rows only:
SELECT field FROM table GROUP BY field HAVING ( COUNT(field) > 1 )

Tags: distinct, duplicate, having, MySQL, select, unique

06 Sep 09 Security Consultant – PHP Developer – SQL Injection Attacks

One of the most common form of attacks against web applications is SQL Injection. In the most part, the language that the web application is written in is irrelevant, be that PHP, ASP, Python, Perl, C, etc. As long as the back end database uses something SQL based, be that MySQL, MSSQL, etc, again, we’re in business. This probably covers over 99% of web applications out there. Both the security consultant and the php developer or web application developer in general has to be aware of the implications of SQL Injection. Here’s how it works:
(more…)

Tags: blind sql injection, HTML code, insert, MySQL, pen tester, penetration tester, PHP, Security Consultant, select, sql, sql error, sql injection

11 Mar 09 Simple MySQL Developer Intro

MySQL is one of the most powerful and widely used databases available. Here is a really quick guide to creating a database, creating a table, inserting, selecting and deleting the data, then table, then database. This will not go into too much depth as there are plenty of resources out there already that can provide more information on each step.

I’ll be using the MySQL command line tool on a Linux (Debian!) platform. Assuming I already have mysql running and a passworded root user account:

(more…)

Tags: delete, describe, grant, insert, MySQL, mysql developer, select