PHP SQL Injection Attacks: How They Work and How to Prevent Them
I have recently been tinkering with PHP + MySQL programming. Having learned a few things about PHP SQL injection attacks, I wrote this article (http://www.xiaohui.com/weekly/20070314.htm) to summarize my experience. As I see it, SQL injection attacks come down to two causes:

1. The magic_quotes_gpc option in the PHP configuration file php.ini is not enabled (it is set to off).
2. The developer does not check and escape the data types.

In practice, the second point is the most important. I believe that checking the type of user-supplied data and submitting the correct data type to MySQL should be the most basic skill of any web programmer. Yet in reality many novice web developers forget this, leaving the back door wide open.

Why is the second point the most important? Because without it, the magic_quotes_gpc option can lead to SQL injection whether it is on or off. Let's look at how this works in practice.
I. Injection attacks when magic_quotes_gpc = Off

magic_quotes_gpc = Off is a very unsafe setting in PHP. Newer PHP versions have changed the default to On, but a considerable number of servers still have it set to off. After all, even the most antique servers still have someone using them.

When magic_quotes_gpc = On, every ' (single quote), " (double quote), \ (backslash) and whitespace character in submitted variables is automatically prefixed with a \. Here is the official PHP description:

magic_quotes_gpc boolean Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatically

Without this escaping, i.e. when the option is off, an attacker gets an opening. Take the following test script as an example:
if ( isset($_POST["f_login"]) ) {
    // connect to the database...
    // ...code omitted...
    // check whether the user exists; the SQL is built by plain string interpolation
    $t_strUname = $_POST["f_uname"];
    $t_strPwd   = $_POST["f_pwd"];
    $t_strSQL = "SELECT * FROM tbl_users WHERE username='$t_strUname' AND password = '$t_strPwd' LIMIT 0,1";
    if ( $t_hRes = mysql_query($t_strSQL) ) {
        // handling after a successful query. omitted...
    }
}

<html>
<head><title>sample test</title></head>
<body>
<form method=post action="">
Username: <input type="text" name="f_uname" size=30><br>
Password: <input type=text name="f_pwd" size=30><br>
<input type="submit" name="f_login" value="登录">
</form>
</body>
</html>
In this script, when the user enters a normal username and password, say zhang3 and abc123, the submitted SQL statement is:
SELECT * FROM tbl_users WHERE username='zhang3' AND password = 'abc123' LIMIT 0,1
If an attacker enters zhang3' OR 1=1 # in the username field and abc123 as the password, the submitted SQL statement becomes:
SELECT * FROM tbl_users WHERE username='zhang3' OR 1=1 #' AND password = 'abc123' LIMIT 0,1
Since # is the comment character in MySQL, everything after the # is not executed, so the statement effectively becomes:
SELECT * FROM tbl_users WHERE username='zhang3' OR 1=1
The attacker can thus bypass authentication. If the attacker knows the database structure and builds a UNION SELECT, it gets even more dangerous.

Suppose the username entered is: zhang3 ' OR 1 =1 UNION select cola, colb,cold FROM tbl_b #
and the password entered is: abc123.
The submitted SQL statement then becomes:
SELECT * FROM tbl_users WHERE username='zhang3 ' OR 1 =1 UNION select cola, colb,cold FROM tbl_b #' AND password = 'abc123' LIMIT 0,1
This is quite dangerous. If the magic_quotes_gpc option is on, the quotes are escaped and the two attack statements constructed above turn into the following, so they no longer achieve their purpose:

SELECT * FROM tbl_users WHERE username='zhang3\' OR 1=1 #' AND password = 'abc123' LIMIT 0,1
SELECT * FROM tbl_users WHERE username='zhang3 \' OR 1 =1 UNION select cola, colb,cold FROM tbl_b #' AND password = 'abc123' LIMIT 0,1
II. Injection attacks when magic_quotes_gpc = On

When magic_quotes_gpc = On, an attacker cannot perform SQL injection through string-typed fields. That does not mean the application is safe: injection is still possible through numeric fields.

The latest MySQL 5.x has tightened data type input and disabled automatic type conversion by default; a numeric field can no longer take a quoted string. That is, assuming uid is numeric, the following statements were legal in earlier MySQL versions:
INSERT INTO tbl_user SET uid="1"; SELECT * FROM tbl_user WHERE uid="1";
In the latest MySQL 5.x the statements above are not legal and must be written as:
INSERT INTO tbl_user SET uid=1; SELECT * FROM tbl_user WHERE uid=1;
I think this is the right thing. As a developer, submitting data of the correct, rule-conforming type to the database is the most basic requirement.

So how do attackers attack when magic_quotes_gpc = On? Simple: they inject SQL through numeric fields. Take the following PHP script as an example:
if ( isset($_POST["f_login"]) ) {
    // connect to the database...
    // ...code omitted...
    // check whether the user exists; uid is interpolated without quotes or a type check
    $t_strUid = $_POST["f_uid"];
    $t_strPwd = $_POST["f_pwd"];
    $t_strSQL = "SELECT * FROM tbl_users WHERE uid=$t_strUid AND password = '$t_strPwd' LIMIT 0,1";
    if ( $t_hRes = mysql_query($t_strSQL) ) {
        // handling after a successful query. omitted...
    }
}

<html>
<head><title>sample test</title></head>
<body>
<form method=post action="">
User ID: <input type="text" name="f_uid" size=30><br>
Password: <input type=text name="f_pwd" size=30><br>
<input type="submit" name="f_login" value="登录">
</form>
</body>
</html>
The script above asks the user to enter a userid and password to log in. For a normal request, with the user entering 1001 and abc123, the submitted SQL statement is:
SELECT * FROM tbl_users WHERE userid=1001 AND password = 'abc123' LIMIT 0,1
If the attacker enters 1001 OR 1 =1 # in the userid field, the injected SQL statement is:
SELECT * FROM tbl_users WHERE userid=1001 OR 1 =1 # AND password = 'abc123' LIMIT 0,1
The attacker has achieved their goal.
III. How to prevent PHP SQL injection attacks

How do we prevent PHP SQL injection? I think the most important point is to check and escape data types. The rules I have summarized are:

- The display_errors option in php.ini should be set to display_errors = off. Then when a PHP script fails, the error is not output to the web page, so attackers cannot glean useful information from it.
- When calling mysql_query and other mysql functions, prefix them with @, i.e. @mysql_query(...), so that MySQL errors are not output, again to deny attackers useful information. In addition, some programmers, during development, habitually output the error together with the SQL statement when mysql_query fails, for example:
$t_strSQL = "SELECT a from b....";
if ( mysql_query($t_strSQL) ) {
    // normal handling
} else {
    // echoes the statement and the MySQL error message straight to the page
    echo "Error! SQL statement: $t_strSQL \r\nError message: " . mysql_error();
    exit;
}
This practice is quite dangerous and foolish. If you must do it, it is best to set a global variable or define a macro in the site's configuration file as a debug flag:

In the global configuration file:
define("DEBUG_MODE", false); // set to true only while developing

$t_strSQL = "SELECT a from b....";
if ( mysql_query($t_strSQL) ) {
    // normal handling
} else {
    // the details are only echoed when the debug flag is on
    if (DEBUG_MODE) echo "Error! SQL statement: $t_strSQL \r\nError message: " . mysql_error();
    exit;
}
- Escape and type-check the values that go into the submitted SQL statement.
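The DEBUG_MODE pattern from the rules above, as an added example that is not the article's code: the failing statement and MySQL's message are written to the server log instead of being suppressed with @ or echoed, so the developer still sees them while the page only ever shows a generic line. It assumes a mysqli connection in $db, that php.ini already has display_errors = Off, and a hypothetical wrapper name runQuery.

```php
<?php
// Added example, not the article's code. Assumes a mysqli connection in $db
// and display_errors = Off in php.ini.
define('DEBUG_MODE', false); // belongs in the site's global config file

function runQuery(mysqli $db, string $sql)
{
    try {
        $res = $db->query($sql);        // returns false on error in the default
        $err = ($res === false) ? $db->error : null; // report mode before PHP 8.1
    } catch (mysqli_sql_exception $e) { // PHP 8.1+ throws by default instead
        $res = false;
        $err = $e->getMessage();
    }
    if ($err !== null) {
        // Full detail goes where the developer reads it (error_log / syslog);
        // nothing needs @-suppression and nothing leaks to the browser.
        error_log(sprintf('MySQL error %d: %s; statement: %s',
                          $db->errno, $err, $sql));
        if (DEBUG_MODE) {
            echo 'Error! SQL statement: ' . htmlspecialchars($sql)
               . "\r\nError message: " . htmlspecialchars($err);
        } else {
            echo 'A database error occurred.';
        }
    }
    return $res;
}
```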
IV. A safe parameter-fetching function I wrote

To guard against bad user data and PHP + MySQL injection, I wrote a function PAPI_GetSafeParam() that fetches a safe parameter value:
define("XH_PARAM_INT", 0);
define("XH_PARAM_TXT", 1);

function PAPI_GetSafeParam($pi_strName, $pi_Def = "", $pi_iType = XH_PARAM_TXT)
{
    // read the value from GET, then POST; fall back to the default if absent
    if ( isset($_GET[$pi_strName]) )
        $t_Val = trim($_GET[$pi_strName]);
    else if ( isset($_POST[$pi_strName]) )
        $t_Val = trim($_POST[$pi_strName]);
    else
        return $pi_Def;

    // INT
    if ( XH_PARAM_INT == $pi_iType ) {
        if ( is_numeric($t_Val) )
            return $t_Val;
        else
            return $pi_Def;
    }

    // String: replace HTML-special characters with entities
    $t_Val = str_replace("&", "&amp;", $t_Val);
    $t_Val = str_replace("<", "&lt;", $t_Val);
    $t_Val = str_replace(">", "&gt;", $t_Val);
    if ( get_magic_quotes_gpc() ) {
        // quotes arrive already backslash-escaped, so match the escaped form
        $t_Val = str_replace("\\\"", "&quot;", $t_Val);
        $t_Val = str_replace("\\'", "&#39;", $t_Val);
    } else {
        $t_Val = str_replace("\"", "&quot;", $t_Val);
        $t_Val = str_replace("'", "&#39;", $t_Val);
    }
    return $t_Val;
}
The function takes three parameters:

$pi_strName: the variable name
$pi_Def: the default value
$pi_iType: the data type, either XH_PARAM_INT or XH_PARAM_TXT, meaning numeric or text respectively.

If the request is numeric, is_numeric() is called to check whether the value is a number. If not, the default value specified by the program is returned.

For simplicity, for text strings I escape all dangerous characters in the user input (including HTML code). Because the PHP function addslashes() has a vulnerability, I do the replacement directly with str_replace(). get_magic_quotes_gpc() is a built-in PHP function that tells whether the magic_quotes_gpc option is enabled.

The example from section II can then be called like this:
if ( isset($_POST["f_login"]) ) {
    // connect to the database...
    // ...code omitted...
    // check whether the user exists; both values now go through PAPI_GetSafeParam
    $t_strUid = PAPI_GetSafeParam("f_uid", 0, XH_PARAM_INT);
    $t_strPwd = PAPI_GetSafeParam("f_pwd", "", XH_PARAM_TXT);
    $t_strSQL = "SELECT * FROM tbl_users WHERE uid=$t_strUid AND password = '$t_strPwd' LIMIT 0,1";
    if ( $t_hRes = mysql_query($t_strSQL) ) {
        // handling after a successful query. omitted...
    }
}

With this, things are already fairly safe. The PAPI_GetSafeParam code is a bit long, but sacrificing that little efficiency is worth it for security. Criticism and corrections are welcome. :)
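The same uid + password lookup, as an added example that is not the article's code: the parameter getter returns a real int (rejecting anything is_numeric() would let through, such as 1e3 or 0x1A) and the query binds both values as parameters, so the user's text never becomes part of the SQL and no HTML-entity rewriting is needed before the query (HTML escaping belongs at output time). It assumes PHP 7.1+, mysqli with mysqlnd (for get_result), a connection in $db, the article's table tbl_users, and the hypothetical names getTypedParam and findUser; magic quotes are irrelevant here, and in any case no longer exist since PHP 5.4.

```php
<?php
// Added example (not the article's code): a typed parameter getter plus a
// prepared statement, so the user's value never becomes part of the SQL text.
// Assumes PHP 7.1+, mysqli with mysqlnd (for get_result), a connection in $db
// and the article's table tbl_users(uid, username, password).
const PARAM_INT = 0;
const PARAM_TXT = 1;

// PARAM_INT: returns an int, or $default when the value is not a plain integer.
// PARAM_TXT: returns the trimmed string untouched; no SQL or HTML escaping here,
// because the value is bound as a parameter below and HTML-escaped only on output.
function getTypedParam(array $request, string $name, $default, int $type)
{
    // reject missing values and array-valued inputs such as f_uid[]=...
    if (!isset($request[$name]) || !is_string($request[$name])) {
        return $default;
    }
    $val = trim($request[$name]);
    if ($type === PARAM_INT) {
        // Unlike is_numeric(), FILTER_VALIDATE_INT rejects "1e3", "0x1A",
        // "1001 OR 1 =1 #" and anything else that is not an integer literal.
        $n = filter_var($val, FILTER_VALIDATE_INT);
        return ($n === false) ? $default : $n;
    }
    return $val;
}

// The uid + password lookup from section II, with both values bound
// ("i" = integer, "s" = string). A quote in $pwd reaches MySQL as data.
function findUser(mysqli $db, array $request): ?array
{
    $uid = getTypedParam($request, 'f_uid', 0, PARAM_INT);
    $pwd = getTypedParam($request, 'f_pwd', '', PARAM_TXT);
    $stmt = $db->prepare(
        'SELECT * FROM tbl_users WHERE uid = ? AND password = ? LIMIT 0,1'
    );
    $stmt->bind_param('is', $uid, $pwd);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Constructed request carrying the article's two injection strings: the uid
// does not validate as an integer and falls back to the default; the password
// string is kept verbatim and bound as data by findUser().
$request = ['f_uid' => '1001 OR 1 =1 #', 'f_pwd' => "zhang3' OR 1=1 #"];
$uid = getTypedParam($request, 'f_uid', 0, PARAM_INT);
$pwd = getTypedParam($request, 'f_pwd', '', PARAM_TXT);
```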