mysql - 看这条sql有可能被注入吗

Question

{代码...} $sortField$和$sortOrder$可以写任意sql 这条sql有被注入的风险吗

ringa_lee · Answer

As long as you directly use variables to generate sql statements, there is a risk of being injected

SELECT * FROM table1 where condition1=1 ORDER BY $sortField$ $sortOrder$ limit 0,20

sortField="id"
sortOrder="; drop table users; --"

Your sql will become

SELECT * FROM table1 where condition1=1 ORDER BY id; drop table users; -- limit 0,20

天蓬老师 · Answer

You are thinking about the problem in the wrong direction.

The correct way to prevent injection is to use the parameter mode of the official driver, because only the official version knows how to avoid being injected.

If you write SQL yourself, even if it is not injected now, maybe if one of the components involved in this link changes in the future, there will be a risk of being injected.

怪我咯 · Answer

You can directly test it with sqlmap, its engine is still very powerful

Php8, I'm coming too

Learn website layout in 30 minutes

Shangguan Oracle Beginner to Proficient Video Tutorial

Your first line of UNI-APP code

Flutter from scratch to app launch

Brother Lian New Linux Video Tutorial

AXURE 9 Video Tutorial (Suitable for Product Manager Interactive Product Design UI)

Zero Basic Proficiency PS Video Tutorial

16 day UI video tutorial to get you started

PS Techniques and Slicing Techniques Video Tutorial

Alibaba Cloud Environment Construction and Project Launch Video Tutorial

Overview of Computer Networks - Basic Knowledge that Programmers Must Master

Essential Tutorial for Programmers - HTTP Protocol Explanation

Websocket Video Tutorial