_____SQL Injection: index.php?module=News&startrow='[sql injection] _____Show path to script: user.php?op=userinfo&uname='