???PHP??SQL??????????????????????
???????????? ???????[ 2014/1/15 10:20:26 ] ????????SQL PHP ???? ??????
?????????????У???????????????????????????????????? zhang3??abc123???????? SQL ??????£?
????SELECT * FROM tbl_users WHERE username='zhang3' AND password = 'abc123' LIMIT 0??1
??????????????? username ?????????zhang3' OR 1=1 #???? password ???? abc123???????? SQL ????????£?
????SELECT * FROM tbl_users WHERE username='zhang3' OR 1=1 #' AND password = 'abc123' LIMIT 0??1
???????? # ?? mysql?е??????? #???????????У?????????????????
????SELECT * FROM tbl_users WHERE username='zhang3' OR 1=1
?????????????????????????????????????????????????????????? UNION SELECT?????Σ?????
?????????? username ??????zhang3 ' OR 1 =1 UNION select cola?? colb??cold FROM tbl_b #
??????password ???? abc123??
?????????? SQL ??????
????SELECT * FROM tbl_users WHERE username='zhang3 ' OR 1 =1 UNION select cola?? colb??cold FROM tbl_b #' AND password = 'abc123' LIMIT 0??1
??????????Σ?????
????????magic_quotes_gpc = On ????????
?????? magic_quotes_gpc = On ??????????????????????ν??? SQL ?????????????????????????????????????ν???SQL???
???????°?? MYSQL 5.x ?У?????????????????????????????????????????????????Σ?????????????????????????????? uid ???????????????? mysql ?汾?У?????????????????
????INSERT INTO tbl_user SET uid="1";
????SELECT * FROM tbl_user WHERE uid="1";
???????μ? MYSQL 5.x ?У????????????????????д????????
????INSERT INTO tbl_user SET uid=1;
????SELECT * FROM tbl_user WHERE uid=1;
????????????????????????????????????????????????????????????????????????????
??????????????? magic_quotes_gpc = On ?????????????????????????????????ν??? SQL ????????е? php ????????
<?
if (isset($_POST["f_login"])) {
// ?????????...
// ...??????...
// ????????????
$t_strUid = $_POST["f_uid"];
$t_strPwd = $_POST["f_pwd"];
$t_strSQL = "SELECT * FROM tbl_users WHERE uid=$t_strUid AND password = '$t_strPwd' LIMIT 0??1";
if ($t_hRes = mysql_query($t_strSQL)) {
// ?????????????. ??...
}
}
?>
<html><head><title>test</title></head>
<body>
<form method="post" action="">
User ID: <input type="text" name="f_uid" size=30><br>
Password: <input type=text name="f_pwd" size=30><br>
<input type="submit" name="f_login" value="???">
</form>
</body>
</html>
??????????ν???????????? userid ?? password ??????????????????????? 1001??abc123?????? sql ??????£?
????SELECT * FROM tbl_users WHERE userid=1001 AND password = 'abc123' LIMIT 0??1
??????????????? userid ????????1001 OR 1 =1 #????????sql??????£?
????SELECT * FROM tbl_users WHERE userid=1001 OR 1 =1 # AND password = 'abc123' LIMIT 0??1
?????????????????
??????????η?? PHP??SQL ?????
??????η?? php sql ???????????????????????????????????м?????塣?????????????£?
????1. php.ini ?е? display_errors ???????????display_errors = off?????? php ???????????????? web ???????????????ù?????????????????????
????2. ???? mysql_query ?? mysql ????????????ü??? @???? @mysql_query(...)?????? mysql ???????????????????ù??????????????????????????Щ?????????????????? mysql_query???????????????????? sql ??????磺
<php
$t_strSQL = "SELECT a from b....";
if (mysql_query($t_strSQL)) {
// ????????
} else {
echo "????! SQL ???$t_strSQL
???????" . mysql_query();
exit;
}
?>
??????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11