Home > Backend Development > PHP Tutorial > 关于sql注入的请问

关于sql注入的请问

WBOY
Release: 2016-06-13 13:10:16
Original
1077 people have browsed it

关于sql注入的请教
刚才看了这个帖子
http://topic.csdn.net/u/20121011/08/ed0d9538-0ed1-49c4-95c3-0fc1ef686aa2.html

他的登录代码是这样的:

PHP code
<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

-->$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$sql="select * from users where username='$username' and password='$password'";
Copy after login

后来根据他的方法,在知道用户名的情况下确实可以绕过密码提交登录成功。

不过他的方法首要先满足get_magic_quotes_gpc过滤关闭的情况下,这是基础条件。

然后他的登录代码似乎太落后了,现在的密码一般都是用md5加密一下,比如我的登录验证一般是这样写的:
PHP code
<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

-->$username = $_REQUEST['username'];
$password = md5($_REQUEST['password']);//改了这行
$sql="select * from users where username='$username' and password='$password'";
Copy after login

这样提交表单得到的$sql就成了:
Select * from users where username='sean' and password='7e2705cbd698f255b7fe11eff40de898'


像这种情况应该怎么注入呢?

------解决方案--------------------
不是还有 $username 吗?干嘛非要是 $password

只要 magic_quotes_gpc = on 这些小儿科的攻击立即失效
Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template