From 96d11697d46c369c9f3ea4819acf9a0053d8169e Mon Sep 17 00:00:00 2001
From: Nanne Baars
Date: Tue, 24 Sep 2019 17:36:53 +0200
Subject: [PATCH] SQL Injection lesson 6 minor mistakes in examples #663

---
 .../en/SqlInjection_introduction_content5_after.adoc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc
index 46c90bbcc..52610a125 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc
@@ -2,9 +2,9 @@
 ====
 Here are some examples of what a hacker could supply to the input field to perform actions on the database that go further than just reading the data of a single user:
 
-* `+Smith’ OR ‘1’ = ‘1+` +
-results in `+"SELECT * FROM USERS WHERE NAME = 'Smith' OR TRUE;+` and that way will return all entries from the users table
+* `+Smith’ OR '1' = '1+` +
+results in `+SELECT * FROM USERS WHERE NAME = 'Smith' OR TRUE;+` and that way will return all entries from the users table
 * `+Smith’ OR 1 = 1; --+` +
-results in `+"SELECT * FROM USERS WHERE NAME = 'Smith' OR TRUE;--';+` and that way will return all entries from the users table
+results in `+SELECT * FROM USERS WHERE NAME = 'Smith' OR TRUE;--';+` and that way will return all entries from the users table
 * `+Smith’; DROP TABLE USERS; TRUNCATE AUDIT_LOG; --+` +
 chains multiple SQL-Commands and deletes the USERS table as well as entries from the audit_log