在你的web服務目錄下 創建一個php文件如下
<?php $conn = db_connect(); $sql = sprintf('update users set password = "%s" where id = %s', $_POST['password'], $_GET['id'] ); echo $sql . PHP_EOL; $result = $conn->query($sql); if(!$result){ echo 'sql執行出錯' . PHP_EOL; } function db_connect() { $result = new mysqli('', '', '', ''); if (!$result) { return false; } $result->autocommit(TRUE); return $result; } function db_result_to_array($result) { $res_array = array(); for ($count=0; $row = $result->fetch_assoc(); $count++) { $res_array[$count] = $row; } return $res_array; }
curl模擬 訪問傳參 post
curl -d "password=123456\";-- " http://localhost:8080/sanitize-validate-escape/sanitize-sql-bad.php?id=1
這樣 把 usrs表的所有記錄的密碼都改為了123456