MySQL·À×¢Èë
·ÀÖ¹×¢ÈëµÄ¼¸ÖÖ°ì·¨
ÆäʵÔÀ´¾ÍÊÇÎÒÃÇÐèÒª¹ýÂËһЩÎÒÃdz£¼ûµÄ¹Ø¼ü×ֺͷûºÏÈ磺
Select£¬insert£¬update£¬delete£¬and£¬*£¬µÈµÈ
function inject_check($sql_str) {
return eregi('select|insert|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file
|outfile', $sql_str);
}
»òÕßÊÇͨ¹ýϵͳº¯Êý¼äµÄ¹ýÂËÌØÊâ·ûºÅ
Addslashes£¨ÐèÒª±»¹ýÂ˵ÄÄÚÈÝ£©
Ïà¹ØÎĵµ£º
µ¼³ö
select field1,field2,field3 from tablename into outfile '/home/output1.csv' fields terminated by ','optionally enclosed by ''lines terminated by '\n';
µ¼Èë
load data local infile '/home/output1.csv' into table tablename fields terminated by ','lines terminated by '\n'(field1,f ......
MySQLÊÖ²áÖп´µ½µÄ£¬¼Ç¼Ï¡£
MySQL¿ÉÒÔΪ¶à¸öÁд´½¨Ë÷Òý¡£Ò»¸öË÷Òý¿ÉÒÔ°üÀ¨15¸öÁС£¶ÔÓÚijЩÁÐÀàÐÍ£¬¿ÉÒÔË÷ÒýÁеÄǰ׺(²Î¼û7.4.3½Ú£¬“ÁÐË÷Òý”)¡£
¶àÁÐË÷Òý¿ÉÒÔÊÓΪ°üº¬Í¨¹ýÁ¬½ÓË÷ÒýÁеÄÖµ¶ø´´½¨µÄÖµµÄÅÅÐòµÄÊý×é¡£
MySQL°´ÕâÑùµÄ·½Ê½Ê¹Óöà ......
MysqlÊý¾Ý¿âÊÇÒ»¸ö¶àÓû§£¬¶àÏ̵߳ĹØϵÐÍÊý¾Ý¿â£¬ÊÇÒ»¸ö¿Í»§»ú/·þÎñÆ÷½á¹¹µÄÓ¦ÓóÌÐò¡£ËüÊǶԸöÈËÓû§ºÍÉÌÒµÓû§ÊÇÃâ·ÑµÄ.
¡¡¡¡MysqlÊý¾Ý¿â¾ßÓÐÒÔÏÂÓŵ㣺
¡¡¡¡1.ͬʱ·ÃÎÊÊý¾Ý¿âµÄÓû§µÄÊýÁ¿²»ÊÜÏÞÖÆ
¡¡¡¡2.¿ÉÒÔ±£´æ³¬¹ý5ǧÍòÌõµÄ¼Ç¼
¡¡¡¡3.ÊÇÄ¿Ç°Êг¡ÉÏÏÖÓÐÊý¾Ý¿â²úÆ·ÖÐÔËÐÐËÙ¶È×î¿ìµÄÊý¾Ý¿âϵͳ
¡¡¡¡4.Óû§È¨ÏÞ ......
MySQL³£ÓõĴ洢ÒýÇæΪMyISAM¡¢InnoDB¡¢MEMORY¡¢MERGE£¬ÆäÖÐInnoDBÌṩÊÂÎñ°²È«±í£¬ÆäËû´æ´¢ÒýÇ涼ÊÇ·ÇÊÂÎñ°²È«±í¡£
MyISAMÊÇMySQLµÄĬÈÏ´æ´¢ÒýÇæ¡£MyISAM²»Ö§³ÖÊÂÎñ¡¢Ò²²»Ö§³ÖÍâ¼ü£¬µ«Æä·ÃÎÊËٶȿ죬¶ÔÊÂÎñÍêÕûÐÔûÓÐÒªÇó¡£
InnoDB´æ´¢ÒýÇæÌṩÁ˾ßÓÐÌá½»¡¢»Ø¹öºÍ±ÀÀ£»Ö¸´ÄÜÁ¦µÄÊÂÎñ°²È«¡£µ«ÊDZÈÆðMyISAM´æ´ ......
