1

CI中:

$this->db->select('*')->where("username","skcdian")->where("password","' OR ''='")->get("user")->result();
 

SELECT * FROM (user) WHERE username = 'skcdian' AND password = '\' OR \'\'=\''

$password="'' OR ''='' ";
mysql_real_escape_string($password);

\'\' OR \'\'=\'\'

$password="'' OR ''='' ";
$data1=$this->db->query("SELECT * FROM (user) WHERE username = 'skcdian' AND password = {$password};")->result();
CI\system\database\drivers\mysql\mysql_driver.php

function escape_str($str, $like = FALSE)
{
	if (is_array($str))
	{
		foreach ($str as $key => $val)
   		{
			$str[$key] = $this->escape_str($val, $like);
   		}

   		return $str;
   	}

	if (function_exists('mysql_real_escape_string') AND is_resource($this->conn_id))
	{
		$str = mysql_real_escape_string($str, $this->conn_id);
	}
	elseif (function_exists('mysql_escape_string'))
	{
		$str = mysql_escape_string($str);
	}
	else
	{
		$str = addslashes($str);
	}

	// escape LIKE condition wildcards
	if ($like === TRUE)
	{
		$str = str_replace(array('%', '_'), array('\\%', '\\_'), $str);
	}

	return $str;
}

搬砖大叔
580 声望9 粉丝

这孩子比较勤奋,就是脑子不太好使


« 上一篇
Opcodes生成器
下一篇 »
docker常用命令