Union select null, null, null, null, null, null, null from information_schema.tables. for a small database containing three tables. this instruction is used in sql injection I tried it and it worked but I didn't really know how it works can somebody help me...
The IS NOT NULL operator is used to test for non-empty values (NOT NULL values). The following SQL lists all customers with a value in the "Address" field: Example. SELECT CustomerName, ContactName, Address FROM Customers WHERE Address IS NOT NULL
Существуют специальные операторы IS NULL и IS NOT NULL, которые позволяют производить сравнения с NULLами.
11223344) UNION SELECT NULL,NULL,NULL,NULL WHERE 1=2 –- No Error - Syntax is right. MS SQL Server Used. Proceeding.
...other is null, in this case, you'll take the non-null value. a situation where both column will be non-null but are not the same. otherwise, which one would you
Предикат IS NULL позволяет проверить отсутствие (наличие) значения в полях таблицы. Использование в этих случаях обычных предикатов сравнения может привести к неверным результатам, так как сравнение со значением NULL дает результат UNKNOWN (неизвестно).
NULL is a special value that signifies 'no value'. Comparing a column to NULL using the = operator is undefined.
NULL is special in SQL. NULL indicates that the data is unknown, inapplicable or even does not exist. In other words, NULL represents that the data is missing in the database. For example, if an employee does not have any phone number, you can store it as an empty string.