Added a little more info to assignments 11-13 of sql-introduction
This commit is contained in:
Benedikt - Desktop
Nanne Baars
parent
e8caeedf53
commit
df49fcdb39
@ -285,7 +285,7 @@
|
||||
<table>
|
||||
<tr>
|
||||
<td><label>Action contains:</label></td>
|
||||
<td><input name="action_string" value="" type="TEXT"/></td>
|
||||
<td><input name="action_string" value="" type="TEXT" placeholder="Enter search string"/></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><button type="SUBMIT">Search logs</button></td>
|
||||
|
||||
@ -10,4 +10,4 @@ Another way to compromise availability would be to per example revoke access-rig
|
||||
Now you are the top earner in your company.
|
||||
But do you see that?
|
||||
There seems to be a *access_log* table, where all your actions have been logged to! +
|
||||
Better go and _delete it_ quickly before anyone notices.
|
||||
Better go and _delete it_ completely before anyone notices.
|
||||
|
||||
@ -11,7 +11,7 @@ If the input takes a string and that one gets inserted into the query as a strin
|
||||
You could per example end the string parameter with it and input your own SQL after that.
|
||||
|
||||
=== It's your turn!
|
||||
You are an employee named *John Smith* working for a big company.
|
||||
You are an employee named John *Smith* working for a big company.
|
||||
The company has an internal system that allows all employees to see their own internal data, like the department they work in and their salary.
|
||||
|
||||
The system requires the employees to use a unique _authentication TAN_ to view their data. +
|
||||
|
||||
@ -11,3 +11,6 @@ You can do this by using the *;* metacharacter which marks the end of a query an
|
||||
You just found out that Tobi and Bob both seem to earn more money than you!
|
||||
Of course you cannot leave it at that. +
|
||||
Better go and _change your own salary so you're earning the most!_
|
||||
|
||||
|
||||
Remember: Your name is John *Smith* and your current TAN is *3SL99A*.
|
||||
Loading…
x
Reference in New Issue
Block a user