Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

7
  • Thanks for your anwser. I tried the "INTO OUTFILE", but where can I write the file to? Is there a public sharing folder or should I set up a one by myself? Commented Oct 9, 2013 at 21:22
  • That totally depends on the file system permissions I imagine. You could try /tmp, that should be writable Commented Oct 9, 2013 at 21:24
  • Just to clarify, he doesn't mention anything about PHP in his question, just general SQL Injection. Also you can do multi-statement queries in PHP (but you have to go out of your way to do it). Most other languages support multi-statement queries in some form as well. This is a good explanation though! Commented Oct 9, 2013 at 21:26
  • 1
    Reference: php.net/manual/en/mysqli.quickstart.multiple-statement.php Commented Oct 9, 2013 at 21:29
  • @DarkMantis Do I have to write the file to the server where the database resides? As far as I see, I don't have write permission to that server. Commented Oct 9, 2013 at 21:30