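MySQL strict mode: sql_mode
Although we should control the data inserted into the database as far as possible when writing the program, rather than relying on the database to judge whether the data is right or wrong, sometimes for convenience we still need the database's own error handling to help us reach the goal. An example:
Create the following table: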
CREATE TABLE `book` (
`id` int(11) default NULL,
`num` int(11) unsigned default NULL
) ENGINE=InnoDB DEFAULT CHARSET=gbk;
insert into book values(1,0),(2,0);
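Running update book set num='abc' surprisingly raises no error. The reason is that strict mode is not enabled. So
first run set sql_mode="STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION",
then run update book set num='abc' again, and this time the database reports an error.
To settle this once and for all, set the relevant parameter in the database configuration file my.ini to: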
# Set the SQL mode to strict
sql-mode="STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
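
The behaviour described above as a single session, written as an added example that is not part of the original article. It assumes the book table and rows created above and a MySQL 5.x server, because NO_AUTO_CREATE_USER was removed from sql_mode in MySQL 8.0.11; the negative-value case and the GLOBAL/SESSION comparison go beyond what the article shows.

```sql
-- Added example: assumes the `book` table and rows created above, MySQL 5.x.

-- What the server hands to new connections vs. what this session uses.
SELECT @@GLOBAL.sql_mode AS global_mode, @@SESSION.sql_mode AS session_mode;

-- 1) Non-strict session: invalid values are coerced instead of rejected.
SET SESSION sql_mode = '';
UPDATE book SET num = 'abc' WHERE id = 1;  -- accepted; the string is coerced to a number
SHOW WARNINGS;                             -- the only trace that coercion happened
UPDATE book SET num = -1 WHERE id = 1;     -- accepted; clipped to fit the unsigned column
SHOW WARNINGS;

-- 2) Strict session, using the mode list from the article.
SET SESSION sql_mode =
  'STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION';
UPDATE book SET num = 'abc' WHERE id = 2;  -- rejected with an error
UPDATE book SET num = -1 WHERE id = 2;     -- rejected: out of range for an unsigned column
SELECT id, num FROM book;                  -- row 2 was not modified by the failed statements

-- 3) SET SESSION lasts only for this connection. SET GLOBAL changes the
--    default for connections opened afterwards (needs the SUPER privilege)
--    and is lost at restart unless my.ini carries the same value.
SET GLOBAL sql_mode =
  'STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION';
SELECT @@GLOBAL.sql_mode AS global_mode, @@SESSION.sql_mode AS session_mode;

-- 4) Any client can still run SET SESSION sql_mode = '' on its own
--    connection, so a strict server default does not replace validating
--    input in the application before it reaches the database.
```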