I've to make a small demonstration about how to make a MySQL Injection and how to protect us against them. I already know exactly how to protect our application for then, but I've some question about SQL injection.
A created a simple dummy website for the demonstration, on which I've added a search field. This search field isn't protected so subject to SQL injection.
I already made some example, like how to retrieve some global info on the database(version, current user, database name), inserting a " 'UNION SELECT [MyInteresstingFields] From [mytable]; --"
, but my question is:
What is the next step? Is it possible to alter the database? How? I don't see, because mysql_query(it's a php website using cakePhp) only runs one request, so how alter a SELECT request to make a change in the database?(e.g. insert, edit or anything else, doesn't matter, it's only to show them what can be the result).