For those who understand SQL injection: could the statement below still be attacked by SQL injection?
Thanks in advance, everyone.
"SELECT \r\n [Extent1].[fOrderId] AS [fOrderId], \r\n [Extent1].[fUId] AS [fUId], \r\n [Extent1].[fReceiver] AS [fReceiver], \r\n [Extent1].[fReceiverPhone] AS [fReceiverPhone], \r\n [Extent1].[fReceiverAddress] AS [fReceiverAddress], \r\n [Extent1].[fOrderDate] AS [fOrderDate], \r\n [Extent1].[fOrderState] AS [fOrderState], \r\n [Extent1].[fDate] AS [fDate]\r\n FROM [dbo].[tOrder2] AS [Extent1]\r\n WHERE (((DATEPART (year, [Extent1].[fOrderDate])) = (DATEPART (year, @p__linq__0))) OR ((DATEPART (year, [Extent1].[fOrderDate]) IS NULL) AND (DATEPART (year, @p__linq__0) IS NULL))) AND (((DATEPART (month, [Extent1].[fOrderDate])) = (DATEPART (month, @p__linq__1))) OR ((DATEPART (month, [Extent1].[fOrderDate]) IS NULL) AND (DATEPART (month, @p__linq__1) IS NULL)))"
Simply put, no, yours won't be.
SQL injection happens when you don't validate the value coming from the source and pass it straight into the SQL query.
If a value should be numeric, validate on the back end that the received value is a number.
If it should be a string, filter single quotes and correct them into proper text input (or just delete the single quotes outright).
As long as you strip the SQL escape characters (usually the single quote) out of user-supplied input, you can avoid this type of problem. It usually only shows up in the account verification step, for example:
SELECT COUNT(*) FROM USERS WHERE ID = '$USERNAME' AND PASSWORD = '$PASS'
In poorly secured forum systems it often happens that someone enters the following in $PASS and the administrator's account name in $USERNAME, and they get through:
' OR ''='
The simplest and most effective method is to REPLACE the characters that shouldn't appear, like so:
$PASS = replace("'","",$PASS);
The root issue is to avoid using POST or GET variables concatenated directly into SQL for verification. As for commercial environments, unless the user knows your database framework very well, the odds of being compromised are really not high; if you overthink it you won't get any work done.
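As an added example (not code from the thread), the three patterns discussed above side by side in Python with sqlite3: the concatenated login query, the quote-stripping replace, and a parameterized query, which is what the asker's @p__linq__0 / @p__linq__1 placeholders represent and which does not depend on filtering the input at all. The table, account and payload are constructed for the demo.

```python
import sqlite3


def make_db():
    """Constructed sample data: an in-memory USERS table with one admin account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE USERS (ID TEXT, PASSWORD TEXT)")
    conn.execute("INSERT INTO USERS VALUES ('admin', 'correct-horse')")
    return conn


def login_concat(conn, username, password):
    """Vulnerable pattern from the thread: values pasted into the SQL text.
    A quote in the input changes the structure of the statement itself."""
    sql = ("SELECT COUNT(*) FROM USERS WHERE ID = '" + username
           + "' AND PASSWORD = '" + password + "'")
    return conn.execute(sql).fetchone()[0] > 0


def login_strip_quotes(conn, username, password):
    """The replace-based approach from the thread: delete single quotes,
    then concatenate as before."""
    return login_concat(conn, username.replace("'", ""),
                        password.replace("'", ""))


def login_param(conn, username, password):
    """Parameterized query: the SQL text is fixed and the driver binds the
    values separately, so input can never become part of the statement."""
    sql = "SELECT COUNT(*) FROM USERS WHERE ID = ? AND PASSWORD = ?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


if __name__ == "__main__":
    db = make_db()
    payload = "' OR ''='"  # the bypass value quoted in the thread
    for name, fn in (("concat", login_concat),
                     ("strip", login_strip_quotes),
                     ("param", login_param)):
        print(name, "admin/correct-horse ->", fn(db, "admin", "correct-horse"),
              "| admin/payload ->", fn(db, "admin", payload))
```

With the concatenated version the thread's payload turns the WHERE clause into `PASSWORD = '' OR ''=''`, which is true for every row; the parameterized version simply compares the password column against the literal string and rejects it.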