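-- Victim table for the injection demo further down. Two seed rows so that
-- "all rows deleted" is visible in the final query of the page.
CREATE TABLE foo (
    id   serial PRIMARY KEY,  -- `serial` alone declares no key; make it explicit
    data text   NOT NULL      -- nullability is a deliberate choice, not a default
);

-- Single multi-row INSERT with an explicit column list (same end state as two
-- separate INSERTs: ids 1 and 2 in this order).
INSERT INTO foo (data)
VALUES ('Important data'),
       ('More Important data');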
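-- DELIBERATELY VULNERABLE: the caller-supplied table name ($1) is spliced into
-- the DDL string with ||, so anything after the name is executed as SQL.
-- Kept byte-for-byte so the injection call further down still reproduces;
-- never copy this pattern into real code -- see safe_add_table below.
-- The function is SECURITY INVOKER (the default), so the injected statements
-- run with the caller's own privileges; a SECURITY DEFINER variant would run
-- them as the function owner, which is worse.
CREATE FUNCTION unsafe_add_table(text)
RETURNS void AS
$func$
BEGIN
    -- $1 is concatenated verbatim: no quoting, no validation, no whitelist.
    -- A value such as   x(id int); DELETE FROM foo; --   turns this single
    -- CREATE TABLE into two statements plus a trailing comment.
    EXECUTE 'CREATE TABLE ' || $1 || '(item_1 int, item_2 int)';
END
$func$ LANGUAGE plpgsql;

-- Safe counterpart. Identifiers cannot be bound as query parameters, so the
-- only correct options are quoting or a whitelist. format()'s %I quotes the
-- whole argument as ONE double-quoted identifier (embedded double quotes are
-- doubled), so ';' or '--' inside it can only ever be part of a table name.
-- %I raises an error for a NULL argument rather than producing broken DDL.
CREATE FUNCTION safe_add_table(text)
RETURNS void AS
$func$
BEGIN
    EXECUTE format('CREATE TABLE %I (item_1 int, item_2 int)', $1);
END
$func$ LANGUAGE plpgsql;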
-- Baseline before the injection: both seed rows are present.
-- (TABLE foo is shorthand for SELECT * FROM foo; the explicit column list
-- gives the same rows.)
SELECT id, data FROM foo;
id
data
1
Important data
2
More Important data
-- malicious call with SQL injection
-- The argument is spliced into  'CREATE TABLE ' || $1 || '(item_1 int, item_2 int)'
-- and the server executes:
--     CREATE TABLE bar(id int); DELETE FROM foo; --(item_1 int, item_2 int)
-- 'bar(id int)' completes the CREATE with its own column list, the ';' ends
-- that statement, DELETE FROM foo runs as a second statement with the
-- caller's privileges, and the trailing '--' comments out the column list
-- the function tried to append, so the whole string still parses.
-- Side effect: a table named bar now exists as well.
-- With format('%I') the same argument would merely become one oddly named
-- table and foo would be untouched.
SELECT unsafe_add_table('bar(id int); DELETE FROM foo; --');
-- all rows in table foo have been deleted! -- the injected DELETE FROM foo
-- ran inside the dynamic CREATE TABLE, so this returns an empty result set
-- (same query as the baseline above: TABLE foo == SELECT * FROM foo).
SELECT id, data FROM foo;