SQL 注入中这些特殊字符的用途是什么?
What're the purposes of these special characters in SQL injection?
$sel1 = mysql_query ("SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = '$user' OR email = '$user') AND pass = '$pass'");
$chk = mysql_fetch_array($sel1);
if (found one record)
then {allow the user to login}`
问题是尝试用用户名admin');#"登录,你会发现你登录的用户是admin!
问题询问 sql 注入中每个特殊字符的用途。
,
)
;
#
“
谢谢!
这个值:
admin');#
将在字符串 "admin" 之后终止 SQL 语句并将之后的所有内容视为注释。所以这个:
SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = '$user' OR email = '$user') AND pass = '$pass'
基本上变成这样:
SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = 'admin')
找到一条记录,系统愉快地继续前进,将用户登录为 'admin',因为查询已成功找到该记录。
$sel1 = mysql_query ("SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = '$user' OR email = '$user') AND pass = '$pass'");
$chk = mysql_fetch_array($sel1);
if (found one record)
then {allow the user to login}`
问题是尝试用用户名admin');#"登录,你会发现你登录的用户是admin! 问题询问 sql 注入中每个特殊字符的用途。 , ) ; # “
谢谢!
这个值:
admin');#
将在字符串 "admin" 之后终止 SQL 语句并将之后的所有内容视为注释。所以这个:
SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = '$user' OR email = '$user') AND pass = '$pass'
基本上变成这样:
SELECT ID, name, locale, lastlogin, gender,
FROM USERS_TABLE
WHERE (name = 'admin')
找到一条记录,系统愉快地继续前进,将用户登录为 'admin',因为查询已成功找到该记录。