Menu
why select 'aaa' =0 return 1 (TRUE)
if i have a table like
userid | pass
user1 | pas1
if I query :
select from table where userid = 0 and pass =0
it gives me all the rows?
762
The MySQL CAST() function is used for converting a value from one datatype to another specific datatype. The CAST() function accepts two parameters which are the value to be converted and the datatype to which the value needs to be converted.
MySQLi For Beginners To fetch the first alphabet from the strings, use LEFT(). This method allows you to return characters from the left of the string.
MySQL LOCATE() Function The LOCATE() function returns the position of the first occurrence of a substring in a string. If the substring is not found within the original string, this function returns 0. This function performs a case-insensitive search.
MySQL sees 'aaa' = 0 and thinks to itself:
"I can either convert aaa to an integer, or 0 to a string."
Guess which one it goes with?
Basically what's happening is that 'aaa' is being converting to an integer, and as it's not a valid integer, it casts to 0.
0 = 0 is of course true (or true == 1).
I suspect the same is happening with your userid column, though without knowing its values/datatype, it's hard to say.
http://dev.mysql.com/doc/refman/5.0/en/type-conversion.html
128
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
