0

根据本教程:http ://www.tizag.com/mysqlTutorial/mysql-php-sql-injection.php 下面的代码将演示 SQL 注入:

<?php
// a good user's name
$name = "timmy"; 
$query = "SELECT * FROM customers WHERE username = '$name'";
echo "Normal: " . $query . "<br />";

// user input that uses SQL Injection
$name_bad = "' OR 1'"; 

// our MySQL query builder, however, not a very safe one
$query_bad = "SELECT * FROM customers WHERE username = '$name_bad'";

// display what the new query will look like, with injection
echo "Injection: " . $query_bad;

在前端,它显示: Injection: SELECT * FROM customers WHERE username = '' OR 1''

所以我只是做了一个测试,在 phpmyadmin->sql 中,我运行以下代码:

SELECT * FROM users WHERE fname = '' OR 1''

它显示:

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' LIMIT 0, 30' at line 1

问题:

假设它会显示表中的每一个条目"users",但不是,为什么?如果我想演示sql注入,怎么做?

4

2 回答 2

1

更典型的 SQL 注入是:$name_bad = "' OR 1=1 -- ";. 这将导致以下 SQL:

SELECT * FROM customers WHERE username = '' OR 1=1 -- '
于 2013-07-29T09:54:01.957 回答
0 
SELECT * FROM users WHERE fname = '' OR 1 = 1

可能是他们的意思

编辑刚刚看了

SELECT * FROM users WHERE fname = '' OR 1

1 评估为真,所以只需删除它后面的 ''

该链接也已过时,请改为查看 mysqli 或 pdo

于 2013-07-29T09:53:49.533 回答