I'm learning about SQL injection, and I've come across an SQL query that looks like the following.
The SQL query looks like:
INSERT INTO documents (name, filename, mimetype, sessid) VALUES ("name", "filename", "mimetype", "sessid");
I want to do something like:
INSERT INTO documents (name, filename, mimetype, sessid) VALUES ((SELECT * FROM level8.documents), "filename", "mimetype", "sessid");
or even
INSERT INTO documents (name, filename, mimetype, sessid) VALUES ((SELECT * FROM level8.documents), "filename", "mimetype", "sessid");
When I run this I get error code: 1241.
when I run this. What am I doing wrong?