Is this query vulnerable to sql injection?

Posted by user294924 on Stack Overflow See other posts from Stack Overflow or by user294924
Published on 2010-03-16T16:24:11Z Indexed on 2010/03/16 16:41 UTC
Read the original article Hit count: 381

Filed under:
|
|
$myq = sprintf("select user from table where user='%s'", $_POST["user"]);

I would like to know if the above query can be exploited using SQL injection. Is there any advanced SQL injection technique that could break sprintf for this particular query?

© Stack Overflow or respective owner

Related posts about sql

Related posts about sql-injection