Á˽âÊý¾Ý´æ´¢mysql¶Ô²âÊÔµÄÖúÒæ
¹ýÈ¥µÄÒ»¸öÔ£¬ÎҵŤ×÷ÖØÐĶ¼ÔںϷþÄ£¿éµÄ²âÊÔ¡£ÆÄÓÐһЩÊÕ»ñ¡£
´Ë´Î´óÁ¿ºÍmysql´ò½»µÀ£¬¶Ô²úÆ·µÄÊý¾Ý´æ´¢ÓÐÁ˱ȽÏÈ«ÃæµÄÕÆÎÕ¡£²¢´ÙʹºÍÖ´ÐÐÁËdbµÄ±í½á¹¹ºÍÊôÐԵļì²é¡£ºÏ·þͶ·Åºó£¬ÔÝδ·¢ÏÖÒò´íÎóÊý¾Ýµ¼ÖµÄbug»òʹʡ£
²¢ÔÚ²âÊÔ³õÆھ͹Ø×¢ºÍ¼ì²âÐÔÄÜÖ¸±ê£¬´Ùʹ³ÌÐò×öÁËÒ»´ÎÐÔÄܲâÊÔ£»¶ÔͶ·ÅʱµÄ·çÏÕÔöÇ¿ÁËÔ¤·ÀºÍ¿ØÖÆ¡£
ÕâЩ¶ÔÎҵIJâÊÔ˼ά£¬ÓÐÁ˺ܴóµÄÍØÕ¹¡£
Ïà¹ØÎĵµ£º
¸ù¾ÝÄãµÄʹÓÃÄ¿µÄÎÒ¾õµÃÕâ¸öº¯ÊýÓÐÁ½·½ÃæµÄÓÃ;£º
·ÀÖ¹SQL Injection¹¥»÷£¬Ò²¾ÍÊÇÄã±ØÐëÑéÖ¤Óû§µÄÊäÈë
²Ù×÷Êý¾ÝµÄʱºò±ÜÃâ²»±ØÒªµÄ×Ö·ûµ¼Ö´íÎó
mysql_real_escape_string() º¯ÊýתÒå SQL Óï¾äÖÐʹÓõÄ×Ö·û´®ÖеÄÌØÊâ×Ö·û¡£
ÏÂÁÐ×Ö·ûÊÜÓ°Ï죺
\x00
\n
\r
\
'
"
\x1a
Èç¹û³É¹¦£¬Ôò¸Ãº¯Êý·µ»Ø±»×ªÒåµÄ×Ö·û´ ......
×î½üÕÛÌÚGeoServerÓëMysqlµÄÁ¬½Ó£¬ÊÔÁ˲»ÉÙʱ¼ä£¬³öÏÖÁ˼¸¸öÎÊÌâ
1 ·¢²¼µÄ»ùÓÚmysqlÊý¾Ý¿âLayer£¬ÔÚÔ¤ÀÀʱʧ°Ü
Ïà¹Ø°æ±¾ÈçÏ£º
Gerserver 2.0.1
Mysql 5.5.1
mysql-connector-java-5.1.5.jar
gt-mysql-2.6.0.jar
ºó³¢ÊÔÌæ»»MysqlÊý¾Ý¿â°æ±¾Îª5.0 ......
Mysql ³£Óú¯Êý
ASCII(str)
¡¡·µ»Ø×Ö·û´®strµÄµÚÒ»¸ö×Ö·ûµÄASCIIÖµ(strÊÇ¿Õ´®Ê±·µ»Ø0)
mysql> select ASCII('2');
¡¡¡¡-> 50
mysql> select ASCII(2);
¡¡¡¡-> 50
mysql> select ASCII('dete');
¡¡¡¡- ......
ת×Ôhttp://www.phpvim.net/windows/build-mysql-client-on-cygwin.html
MinTTY ÊÇÒ»¸öСÇɵ«È´ºÜʵÓÃµÄ Cygwin Öն˻ú£¬µ«ÓиöÑÏÖصÄÎÊÌâ¾ÍÊÇÎÞ·¨µ÷Óý»»¥Ð﵀ Windows ÔÉú³ÌÐò£¬±ÈÈç˵
mysql.exe£¬µ±ÄãÔÚ MinTTY ÖÐÊäÈëÈçϵÄÃüÁ
1
$ mysql -uroot
-p
±¾À´ mysql.exe »áÌáʾÊäÈëÃÜÂ룬µ«ÔÚ MinTTY ÖгÌÐò»áÖ± ......
