Mysql Order By注入总结

error_reporting(0); session_start(); mysql_connect("127.0.0.1", "root", "root") or die("Database connection failed "); mysql_select_db("sqlidemo") or die("Select database failed"); $order = $_GET[‘order‘] ? $_GET[‘order‘] : ‘name‘; $sql = "select id,name,price from goods order by $order"; $result = mysql_query($sql); $reslist = array(); while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { array_push($reslist, $row); } echo json_encode($reslist);

create database sqlidemo;
use sqlidemo;
create table goods (id int(4) not null primary key auto_increment, name char(32) not null, price int(4) not null);
insert into goods (name, price)  values("apple", 10);
insert into goods (name, price) values("banana", 15);
insert into goods (name, price) values("peach", 20);

参考

http://xdxd.love/2016/03/07/order-by%E6%B3%A8%E5%85%A5%E7%82%B9%E5%88%A9%E7%94%A8%E6%96%B9%E5%BC%8F/
https://dev.mysql.com/doc/refman/5.7/en/control-flow-functions.html
https://dev.mysql.com/doc/refman/5.7/en/string-functions.html

?

Mysql Order By注入总结

标签：ima   for   auto   基于   rem   schema   tar   大量   column