Added an assignment for compromising integrity by query chaining to the sql injections (introduction)

webgoat-lessons/sql-injection/src/main/resources/html/SqlInjection.html

@@ -62,12 +62,12 @@
               autocomplete="off">
             <table>
                 <tr>
-                    <td><label for="name">Employee Name:</label></td>
-                    <td><input id="name" name="name" value="" type="TEXT" placeholder="Lastname"/></td>
+                    <td><label>Employee Name:</label></td>
+                    <td><input name="name" value="" type="TEXT" placeholder="Lastname"/></td>
                 </tr>
                 <tr>
-                    <td><label for="auth_tan">Authentication TAN:</label></td>
-                    <td><input id="auth_tan" name="auth_tan" value="" type="TEXT" placeholder="TAN"/></td>
+                    <td><label>Authentication TAN:</label></td>
+                    <td><input name="auth_tan" value="" type="TEXT" placeholder="TAN"/></td>
                 </tr>
                 <tr>
                     <td><button type="SUBMIT">Get department</button></td>
@@ -85,21 +85,19 @@
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
         <form class="attack-form" accept-charset="UNKNOWN"
               method="POST" name="form"
-              action="/WebGoat/SqlInjection/attack5b"
+              action="/WebGoat/SqlInjection/attack9"
               enctype="application/json;charset=UTF-8">
             <table>
                 <tr>
-                    <td>Login_Count:</td>
-                    <td><input name="login_count" value="" type="text"/></td>
+                    <td><label>Employee Name:</label></td>
+                    <td><input name="name" value="" type="TEXT" placeholder="Lastname"/></td>
                 </tr>
                 <tr>
-                    <td>Name:</td>
-                    <td><input name="userid" value="" type="TEXT"/></td>
+                    <td><label>Authentication TAN:</label></td>
+                    <td><input name="auth_tan" value="" type="TEXT" placeholder="TAN"/></td>
                 </tr>
                 <tr>
-                    <td></td>
-                    <td><input
-                            name="Get Account Info" value="Get Account Info" type="SUBMIT"/></td>
+                    <td><button type="SUBMIT">Get department</button></td>
                 </tr>
             </table>
         </form>