????1.PDO????????
??????????????????????е?sql??????????????壬??????????????????ж???
???????????????????
????1.1??????????????Σ????????????????????????ж?Ρ????仰???????????????????????????ж?Σ?????PDO??????????ó????????
????1.2??????????????????Я????????????????Ч???sql?????????????????????????????δ????????????????????????sql????????
????1.3??????pdo???????Ч??????
1.3.1 the `LIMIT` clause (a bound parameter is not usable as a plain LIMIT value here);
1.3.2 `LIKE '%...%'`: the `%` wildcards cannot be bound on their own; they have to be part of the bound value itself, e.g. bind the string `%iloveyou%`.
????2.????????????decode???Ρ????url???????
????????????????????????????????????????????????????????????????????á?
????http://drops.wooyun.org/tips/968
3. Stripping SQL keywords after `urldecode` (e.g. `union`, `select`, `concat`) by plain string replacement is bypassable: one pass over `seSelectlect` removes the inner `Select` and leaves `select` behind, so a nested keyword survives the filter.
The snippet below is such a replacement-based filter; a single-pass keyword blacklist like this does not reliably stop SQL injection and is no substitute for parameterized queries.
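/**
 * Strip a blacklist of SQL-looking tokens from a user-supplied keyword.
 *
 * NOTE(review): this is a *blacklist* filter and is shown here as the kind
 * of defense that is easy to get wrong. It is not a substitute for prepared
 * statements with bound parameters (PDO with emulated prepares disabled),
 * and it mangles legitimate input: "information" loses "in" and "or".
 *
 * Defects fixed relative to the original snippet:
 *  - "/(/" and "/)/" were invalid PCRE, so preg_replace() emitted a warning
 *    and returned null for EVERY input (the filter failed open);
 *  - "/s+/" matched a literal "s+" instead of whitespace;
 *  - the "database()" and "char(...)" patterns could never match because the
 *    bare "(" / ")" patterns ran before them; they are now ordered first;
 *  - a single replacement pass let nested tokens such as "seSelectlect"
 *    collapse into "select"; stripping now repeats until nothing changes.
 *
 * @param string $keyword raw, possibly URL-encoded, user input
 * @return string the input with every blacklisted token removed
 * @throws \RuntimeException if the PCRE engine fails (fail closed, not null)
 */
public function removeSql($keyword)
{
    // Decode twice so a doubly URL-encoded payload (%2527 -> %27 -> ') is
    // seen in its final form before the blacklist is applied.
    $text = urldecode(urldecode(trim((string) $keyword)));

    // Every entry is valid PCRE; metacharacters the original left bare are
    // escaped. The paren-bearing patterns come before the bare-paren ones so
    // they have a chance to match.
    $blacklist = [
        '/database\(\)/i', '/char\(.*?\)/i',
        '/add/i', '/\(/', '/\)/', '/alter/i', '/update/i', '/delete/i',
        '/select/i', '/and/i', '/or/i', '/between/i', '/group/i', '/drop/i',
        '/from/i', '/having/i', '/order/i', '/like/i', '/change/i',
        '/limit/i', '/distinct/i', "/'/", '/"/', '/%27/i', '/0x27/i',
        '/mid/i', '/in/i', '/concat/i', '/%/', '/union/i', '/=/', '/\s+/',
    ];

    // Repeat until a pass changes nothing, so that removing one token cannot
    // expose another one that was split around it ("seSelectlect").
    do {
        $before = $text;
        $text = preg_replace($blacklist, '', $before);
        if ($text === null) {
            // A PCRE error (e.g. backtrack limit) must not turn into a null
            // return that callers would treat as "nothing to filter".
            throw new \RuntimeException('removeSql: preg_replace failed, PCRE error ' . preg_last_error());
        }
    } while ($text !== $before);

    return $text;
}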
??????????Щ??????????????sql??????