PHP SQL
if ($_POST["admin"]!=""){ $admin=$_POST["admin"]; $pwd=$_POST["pwd"]; $conn = new com("ADODB.Connection"); $connstr="DRIVER=Microsoft Access Driver (*.mdb);DBQ=".realpath("../../YCHB85SAD87/#YCHB85SAD87.mdb"); $conn->open($connstr); $sql="select * from admin where admin='$admin' and pwd='$pwd'"; $rs = new com("ADODB.RecordSet"); $rs->Open($sql,$conn,1,1); if(! $rs->eof){ session_start(); $_SESSION['username']=$rs['username']; echo "<script>alert('登录成功!');window.location='main1.asp';</script>"; } else{ echo "<script>alert('登录失败!');history.back();</script>"; } }求解析
这样写验证判断不怕被注入吗?
这个测试的 依赖注入在另个文件的
