From df49fcdb392aa12eccdeebd51930e4631da4bef5 Mon Sep 17 00:00:00 2001
From: Benedikt - Desktop <benedikt.stuhrmann@gmail.com>
Date: Tue, 22 Jan 2019 11:20:40 +0100
Subject: [PATCH] Added a little more info to assignments 11-13 of
 sql-introduction

---
 .../sql-injection/src/main/resources/html/SqlInjection.html    | 2 +-
 .../lessonPlans/en/SqlInjection_introduction_content10.adoc    | 2 +-
 .../lessonPlans/en/SqlInjection_introduction_content8.adoc     | 2 +-
 .../lessonPlans/en/SqlInjection_introduction_content9.adoc     | 3 +++
 4 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjection.html b/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjection.html
index 22f49d679..d10f11156 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjection.html
+++ b/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjection.html
@@ -285,7 +285,7 @@
             <table>
                 <tr>
                     <td><label>Action contains:</label></td>
-                    <td><input name="action_string" value="" type="TEXT"/></td>
+                    <td><input name="action_string" value="" type="TEXT" placeholder="Enter search string"/></td>
                 </tr>
                 <tr>
                     <td><button type="SUBMIT">Search logs</button></td>
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
index 1a42a3869..6c0f8a822 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc
@@ -10,4 +10,4 @@ Another way to compromise availability would be to per example revoke access-rig
 Now you are the top earner in your company.
 But do you see that?
 There seems to be a *access_log* table, where all your actions have been logged to! +
-Better go and _delete it_ quickly before anyone notices.
+Better go and _delete it_ completely before anyone notices.
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content8.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content8.adoc
index 05d382c40..df1b53f5c 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content8.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content8.adoc
@@ -11,7 +11,7 @@ If the input takes a string and that one gets inserted into the query as a strin
 You could per example end the string parameter with it and input your own SQL after that.
 
 === It's your turn!
-You are an employee named *John Smith* working for a big company.
+You are an employee named John *Smith* working for a big company.
 The company has an internal system that allows all employees to see their own internal data, like the department they work in and their salary.
 
 The system requires the employees to use a unique _authentication TAN_ to view their data. +
diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content9.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content9.adoc
index 51daec6c3..c0ee190ff 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content9.adoc
+++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content9.adoc
@@ -11,3 +11,6 @@ You can do this by using the *;* metacharacter which marks the end of a query an
 You just found out that Tobi and Bob both seem to earn more money than you!
 Of course you cannot leave it at that. +
 Better go and _change your own salary so you're earning the most!_
+
+
+Remember: Your name is John *Smith* and your current TAN is *3SL99A*.
\ No newline at end of file