From ac5404709749c146bb6ea903950f90fed9f8c1f4 Mon Sep 17 00:00:00 2001
From: whx <mail@stefan.works>
Date: Mon, 6 May 2024 15:22:43 +0000
Subject: [PATCH] changes inside the presentation for better understandings of
 the topic

---
 introduction-to-sql-injection/presentation.html | 9 ++++++---
 introduction-to-sql-injection/sql_injection.md  | 6 ++++--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/introduction-to-sql-injection/presentation.html b/introduction-to-sql-injection/presentation.html
index fe24a07..738108f 100644
--- a/introduction-to-sql-injection/presentation.html
+++ b/introduction-to-sql-injection/presentation.html
@@ -139,8 +139,8 @@ class="sourceCode sql"><code class="sourceCode sql"><span id="cb1-1"><a href="#c
 <section class="slide level1">
 
 <h3 id="number-2">Number 2</h3>
-<p>User input is possible inside a value of type string as a part of
-said SQL query.</p>
+<p>User input is possible as a part of said SQL query. Input is
+delimited, e.g. by <code>'</code> characters.</p>
 <div class="sourceCode" id="cb2"><pre
 class="sourceCode sql"><code class="sourceCode sql"><span id="cb2-1"><a href="#cb2-1" aria-hidden="true" tabindex="-1"></a>sql_query <span class="op">=</span></span>
 <span id="cb2-2"><a href="#cb2-2" aria-hidden="true" tabindex="-1"></a>  <span class="kw">cursor</span>.<span class="kw">execute</span>(</span>
@@ -166,6 +166,7 @@ class="sourceCode sql"><code class="sourceCode sql"><span id="cb3-1"><a href="#c
 </blockquote>
 <ul>
 <li class="fragment">Close the existing string with: <code>'</code></li>
+<li class="fragment">Concatenate a second query: <code>or</code></li>
 <li class="fragment">Write a query that equals to True:
 <code>1=1</code></li>
 <li class="fragment">End the SQL query through a comment:
@@ -178,7 +179,9 @@ class="sourceCode sql"><code class="sourceCode sql"><span id="cb3-1"><a href="#c
 Like</h3>
 <div class="sourceCode" id="cb4"><pre
 class="sourceCode sql"><code class="sourceCode sql"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="kw">SELECT</span> <span class="op">*</span> <span class="kw">FROM</span> users <span class="kw">WHERE</span> username <span class="op">=</span> <span class="st">&#39;&#39;</span> <span class="kw">or</span> <span class="st">&#39;1&#39;</span> <span class="op">=</span> <span class="st">&#39;1&#39;</span> <span class="co">-- - AND password &#39;%s&#39;</span></span></code></pre></div>
-<p><em>Numbers as strings is an SQLite specific thing</em></p>
+<p>You can see thath the value of username has been closed by the
+<code>'</code> character.<br />
+<em>Numbers as strings is an SQLite specific thing</em></p>
 </section>
 <section class="slide level1">
 
diff --git a/introduction-to-sql-injection/sql_injection.md b/introduction-to-sql-injection/sql_injection.md
index 173cb0c..3bd5e27 100644
--- a/introduction-to-sql-injection/sql_injection.md
+++ b/introduction-to-sql-injection/sql_injection.md
@@ -34,7 +34,8 @@ sql_query =
 
 ### Number 2
 
-User input is possible inside a value of type string as a part of said SQL query.
+User input is possible as a part of said SQL query. Input is delimited, e.g. by
+`'` characters.
 
 ```sql
 sql_query =
@@ -60,6 +61,7 @@ sql_query =
 >```
 
 * Close the existing string with: `'`
+* Concatenate a second query: `or`
 * Write a query that equals to True: `1=1`
 * End the SQL query through a comment: `-- -`
 
@@ -70,7 +72,7 @@ sql_query =
 ```SQL
 SELECT * FROM users WHERE username = '' or '1' = '1' -- - AND password '%s'
 ```
-
+You can see thath the value of username has been closed by the `'` character.  
 *Numbers as strings is an SQLite specific thing*
 
 ---