MySQL SELECT "inside" LIMIT?

Stuff that don´t fit in the other categories.
Post Reply
User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:

MySQL SELECT "inside" LIMIT?

Post by ayu »

Pretty tired now and need sleep, so I'll just throw this on you guys : D

Ran into a problem when doing an SQL-query for a script.
This is not the real one since mine is longer and would only complicate things.

This, does not work ... anyone know why?
And maybe a possible solution as well?

Code: Select all

SELECT 1 LIMIT (SELECT 1);
Thanks in advance : )
"The best place to hide a tree, is in a forest"

User avatar
leetnigga
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 447
Joined: 28 Jul 2009, 16:00
14

Post by leetnigga »

You might want to explain what you're trying to do as that query makes no sense to me.

User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:

Post by ayu »

leetnigga wrote:You might want to explain what you're trying to do as that query makes no sense to me.
Yeah I realized that now that I woke up.

I am trying to use a SELECT inside of a LIMIT, so that I can get either a 1 or a 0 depending on the SELECT statement inside of the parentheses.

For example

Code: Select all

SELECT table_name FROM information_schema.tables LIMIT 1
But instead I want something like

Code: Select all

SELECT table_name FROM information_schema.tables LIMIT (SELECT (IF(1=1, 1,2)))
So that when the statement is true, it gives a 1 in this case, and a 2 if false.
To make it even more clear, it's for a blind SQL injection I'm playing with.
"The best place to hide a tree, is in a forest"

User avatar
leetnigga
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 447
Joined: 28 Jul 2009, 16:00
14

Post by leetnigga »

This works in sqlite:

Code: Select all

SELECT * FROM table LIMIT (SELECT 3);
but apparently not in MySQL. From the MySQL documentation:

LIMIT takes one or two numeric arguments, which must both be nonnegative integer constants (except when using prepared statements).

User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:

Post by ayu »

@leetnigga: hmm ok. I wonder if it works if I type cast the result from the (SELECT 1). Since it will always return an integer (1 or 2).

I'm at the Uni now so will have to play with that when I get home.
Thanks for looking it up :)

EDIT: I tried something like this

Code: Select all

SELECT 1 LIMIT (SELECT CAST((SELECT 1) AS UNSIGNED INTEGER));
This doesn't work at least.

I'll continue to play around
"The best place to hide a tree, is in a forest"

Post Reply