Thread: What is this spam? WordPress SQL in the comments.
View Single Post
Brad
Selfish Heathen
administrator
 
Join Date: May 2004
Location: Zone of Pain
 
2008-06-14, 14:14
Another way the "SELECT 1" construct is handy is in conjunction with an EXISTS and a subquery.

Such as:

SELECT name
FROM users
WHERE EXISTS (SELECT 1 FROM posts WHERE users.user_id = posts.user_id AND posts.rating = 5);

If there are many rows in posts with a rating of 5 and the user_id, the final result will still only have one row for that user_id. This isn't a great example because the query is so simple and there are several other ways to get this result, but this trick comes in handy when you have much larger sets of data and tables to work with.

Quote:
Originally Posted by Banana View Post
It looks as if he was trying to get the password for admin, but had to do some reverse, padding and other juggling all at once.
Do keep in mind that it's very likely this user is simply a bot or a script kiddie targeting a specific, known vulnerability in WordPress and that this is a trick that actually works on vulnerable systems.
The quality of this board depends on the quality of the posts. The only way to guarantee thoughtful, informative discussion is to write thoughtful, informative posts. AppleNova is not a real-time chat forum. You have time to compose messages and edit them before and after posting.
  quote