Menu
I have encountered rather weird behavior with SQL LIKE, = and LIKE BINARY
Note : The first 3 characters of password is actually 3Vf and the rest of the query is syntactically correct too.
SUBSTRING(password,1, 3) = "3VF" -> returns true
SUBSTRING(password,1, 3) = "3Vf" -> returns true
SUBSTRING(password,1, 3) LIKE "3VF" -> returns true
SUBSTRING(password,1, 3) LIKE "3Vf" -> returns true
However if i use LIKE BINARY, i get case sensitive behavior
SUBSTRING(password,1, 3) LIKE BINARY "3VF" -> returns false
SUBSTRING(password,1, 3) LIKE BINARY "3Vf" -> returns true
I dont understand why the comparisions are case insensitive. Considering the password is a VARCHAR(64). In all the resources I've seen online it says that = and LIKE both are case sensitive.
Note: the full query I'm running is
SELECT * from users where username="natas16" AND SUBSTRING(password,1, 3) = XX
Also, This is NOT a real world application but a natas level. It is sort of a 'hacking' playground. They have different levels with vulnerabilities you are supposed to exploit. So this is not a real world example.
http://www.overthewire.org/wargames/natas/
682
Let's start there. Keywords in SQL are case-insensitive for the most popular DBMSs. The computer doesn't care whether you write SELECT , select, or sELeCt ; so, in theory, you can write however you like.
No. MySQL is not case sensitive, and neither is the SQL standard. It's just common practice to write the commands upper-case. Now, if you are talking about table/column names, then yes they are, but not the commands themselves.
Using LOWER( ad UPPER() functions for case sensitive queries In the similar fashion UPPER() and LOWER() functions can be used in the LIKE clause for getting similar records and making the search insensitive in the table or database having collation that shows CS that is case sensitive in its collation.
The LIKE statement is used for searching records with partial strings in MySQL. By default the query with LIKE matches case-insensitive recores. Means query will match both records in lowercase or uppercase. For example, Search all records un colors table where name is start with “Gr”.
Whether the LIKE and = act in a case sensitive manner will be determined by the collation of the field you are doing the comparison on. If your field has a non-case-sensitive collation (like I'm guessing yours does) then you get non-case-sensitive comparison results. If the field has a binary or case-sensitive collation or if you used the BINARY keyword on the comparison to force a binary comparison, you would get the case-sensitive comparison.
91
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
