<?php
$user = 'john';
$pwd = "' OR ''='";
$sql = "SELECT * FROM users WHERE
user='" . $user . "' AND password='" . $pwd . "'";
echo $sql.'<br />';
// escape username and password for use in SQL
$user = mysql_real_escape_string($user);
$pwd = mysql_real_escape_string($pwd);
$sql_escaped = "SELECT * FROM users WHERE
user='" . $user . "' AND password='" . $pwd . "'";
echo $sql_escaped;
?>
它显示:mysql如何解释转义字符串?
SELECT * FROM users WHERE user='john' AND password='' OR ''=''
SELECT * FROM users WHERE user='john' AND password='\' OR \'\'=\''
问:
如何MySQL的解释这一行:password='\' OR \'\'=\''
? password
等于\
还是什么?
MySQL中的转义序列与PHP中的转义序列几乎相同。即使堆栈溢出的语法荧光笔给出了一个很好的线索...... –