The role of PDO prepared statements in preventing SQL injection
小丑0o鱼
1. What is the role of PDO prepared statements in preventing SQL injection?

Suppose the query is built by interpolating user input into the SQL string:

$sql = "select * from users where username='{$user}' and password='{$pwd}'";

Assume the user enters the account ' or 1=1 # and an arbitrary password. After interpolation the SQL becomes:

select * from users where username='' or 1=1 #' and password='qetad'

The condition has been rewritten to username='' or 1=1, which is always true, and the password check has been commented out by #, so the query succeeds without a valid username or password.
```php
$dsn = "mysql:host=127.0.0.1;dbname=user;";
$username = "root";
$password = "root123";
$pdo = new PDO($dsn, $username, $password);
// Assume the user enters the account ' or 1=1 # and an arbitrary password
$user = "' or 1=1 #";
$pwd = "qetad";
// The input is interpolated directly into the SQL text (vulnerable)
$sql = "select * from `users` where `username`='{$user}' and `password`='{$pwd}'";
// Run the interpolated SQL as-is
$stmt = $pdo->query($sql);
// rowCount: number of rows affected/returned
echo $stmt->rowCount(); // prints 104: every row in the table matches
```
When prepare() is used, the SQL statement is sent to the MySQL server first, and the server parses it before any user value is supplied. execute() then passes the bound parameters to the prepared statement purely as values; even if a parameter contains SQL syntax, it is never parsed as part of the query, which is what prevents SQL injection.
```php
$dsn = "mysql:host=127.0.0.1;dbname=user;";
$username = "root";
$password = "root123";
$pdo = new PDO($dsn, $username, $password);
// Assume the user enters the account ' or 1=1 # and an arbitrary password
$user = "' or 1=1 #";
$pwd = "qetad";
// Named placeholders instead of interpolated values
$sql = "select * from `users` where `username`=:user and `password`=:pwd";
// Use prepare: the server parses the SQL before any user value is supplied
$stmt = $pdo->prepare($sql);
$stmt->bindParam(':user', $user);
$stmt->bindParam(':pwd', $pwd);
$stmt->execute();
// rowCount: number of rows affected/returned
echo $stmt->rowCount(); // 0: the input is compared as a plain string, so no row matches
```
2. PDO CRUD with prepared statements. Extension: what are the differences between bindValue and bindParam in PDO prepared statements?

bindValue

PDOStatement::bindValue($param, $value, $type = PDO::PARAM_STR): bool

Binds a value to the corresponding named or question-mark placeholder in the SQL statement used for the prepared statement.

bindParam

PDOStatement::bindParam($param, &$var, $type = PDO::PARAM_STR, $maxLength = null, $driverOptions = null): bool

Binds a PHP variable to the corresponding named or question-mark placeholder in the SQL statement used for the prepared statement. Unlike PDOStatement::bindValue(), the variable is bound as a reference and its value is only read when PDOStatement::execute() is called.

bindParam therefore cannot bind a literal value.
```php
$dsn = "mysql:host=127.0.0.1;dbname=user;";
$username = "root";
$password = "root123";
$pdo = new PDO($dsn, $username, $password);
// Named placeholder
$sql1 = "select * from `users` where `id`=:id";
$stmt1 = $pdo->prepare($sql1);
$id = 1;
$stmt1->bindValue(':id', $id);   // copies the current value of $id
$stmt1->bindParam(':id', $id);   // binds a reference to $id, read when execute() runs
$stmt1->execute();
// Question-mark placeholder (positions are 1-based)
$sql2 = "select * from `users` where `id`=?";
$stmt2 = $pdo->prepare($sql2);
$stmt2->bindValue(1, 1);         // a literal can be bound by value
// $stmt2->bindParam(1, 1);      // error: bindParam takes a reference, so a literal cannot be passed
$stmt2->execute();
```
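The following is an added example, not code from the original post: it runs both comparisons from this page (the interpolated query versus the prepared statement from section 1, and the bindValue/bindParam timing difference from section 2) against an in-memory SQLite database, so it can be executed without a MySQL server. It assumes PHP with the pdo_sqlite extension; the table, the three users and the password values are constructed sample data. Because SQLite uses `--` rather than MySQL's `#` as its comment marker, the injected input differs slightly from the page's payload.

```php
<?php
// Added example (not from the original post). Assumes PHP with pdo_sqlite.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data. Real applications store password hashes, never plaintext.
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$seed = $pdo->prepare('INSERT INTO users (username, password) VALUES (:u, :p)');
foreach ([['alice', 'secret1'], ['bob', 'secret2'], ['carol', 'secret3']] as [$u, $p]) {
    $seed->execute([':u' => $u, ':p' => $p]);
}

// User-controlled input: closes the quote, adds an always-true condition,
// and comments out the password check (SQLite comment marker is "--").
$user = "' or 1=1 --";
$pwd  = 'anything';

// 1) String interpolation: the input becomes part of the SQL grammar.
$vulnerableSql  = "SELECT * FROM users WHERE username='{$user}' AND password='{$pwd}'";
$vulnerableRows = $pdo->query($vulnerableSql)->fetchAll(PDO::FETCH_ASSOC);
echo "interpolated query matched " . count($vulnerableRows) . " rows\n"; // 3: every user

// 2) Prepared statement: the SQL is parsed first; the values are supplied afterwards
//    and compared as plain strings, so the quote and comment have no effect.
$stmt = $pdo->prepare('SELECT * FROM users WHERE username = :user AND password = :pwd');
$stmt->bindValue(':user', $user);
$stmt->bindValue(':pwd', $pwd);
$stmt->execute();
echo "prepared query matched " . count($stmt->fetchAll(PDO::FETCH_ASSOC)) . " rows\n"; // 0

// 3) bindValue vs bindParam: bindValue copies the value at bind time,
//    bindParam keeps a reference and reads the variable when execute() runs.
$byId = $pdo->prepare('SELECT username FROM users WHERE id = :id');

$id = 1;
$byId->bindValue(':id', $id, PDO::PARAM_INT);
$id = 2;                      // changed after binding: bindValue does not see this
$byId->execute();
echo "bindValue -> " . $byId->fetchColumn() . "\n"; // alice

$id = 1;
$byId->bindParam(':id', $id, PDO::PARAM_INT);
$id = 2;                      // changed after binding: bindParam reads the new value
$byId->execute();
echo "bindParam -> " . $byId->fetchColumn() . "\n"; // bob

// bindParam requires a variable; a literal cannot be passed by reference:
// $byId->bindParam(':id', 3); // Fatal error: Cannot pass parameter 2 by reference
```

Row counts are taken with fetchAll() rather than rowCount() because rowCount() is only reliable for SELECT statements on some drivers; for the MySQL setup used on this page the rowCount() calls in the listings above behave as shown.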