$name='" or ""="';
select * from stu where name=?;
--==============================
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 21 | class115 |
| 8 | ccac | 1 | 26 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 18 | class113 |
| 11 | kkak | 1 | 19 | class113 |
| 12 | lll | 0 | 26 | class115 |
| 13 | uuau | 0 | 24 | class113 |
| 14 | yy | 1 | 21 | class113 |
| 15 | ttt | 0 | 20 | class113 |
+----+----------+------+------+---------+
14 rows in set (0.00 sec)
mysql> prepare select_stu from 'select * from stu where name=?';
Query OK, 0 rows affected (0.03 sec)
Statement prepared
mysql> set @name='zhangsan';
Query OK, 0 rows affected (0.00 sec)
mysql> execute select_stu using @name;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
+----+----------+------+------+---------+
1 row in set (0.00 sec)
mysql> set @name="' or ''='";
Query OK, 0 rows affected (0.00 sec)
mysql> execute select_stu using @name;
Empty set (0.02 sec)
--===============================
mysql> set autocommit=0;
Query OK, 0 rows affected (0.00 sec)
mysql> delete from stu where id>10;
Query OK, 5 rows affected (0.03 sec)
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 21 | class115 |
| 8 | ccac | 1 | 26 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 18 | class113 |
+----+----------+------+------+---------+
9 rows in set (0.00 sec)
mysql> update stu set age=age+2 where id in(7,8,10);
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 23 | class115 |
| 8 | ccac | 1 | 28 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 20 | class113 |
+----+----------+------+------+---------+
9 rows in set (0.00 sec)
mysql> rollback;
Query OK, 0 rows affected (0.04 sec)
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 21 | class115 |
| 8 | ccac | 1 | 26 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 18 | class113 |
| 11 | kkak | 1 | 19 | class113 |
| 12 | lll | 0 | 26 | class115 |
| 13 | uuau | 0 | 24 | class113 |
| 14 | yy | 1 | 21 | class113 |
| 15 | ttt | 0 | 20 | class113 |
+----+----------+------+------+---------+
14 rows in set (0.00 sec)
mysql> commit;
Query OK, 0 rows affected (0.00 sec)
select * from stu where name=?;
--==============================
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 21 | class115 |
| 8 | ccac | 1 | 26 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 18 | class113 |
| 11 | kkak | 1 | 19 | class113 |
| 12 | lll | 0 | 26 | class115 |
| 13 | uuau | 0 | 24 | class113 |
| 14 | yy | 1 | 21 | class113 |
| 15 | ttt | 0 | 20 | class113 |
+----+----------+------+------+---------+
14 rows in set (0.00 sec)
mysql> prepare select_stu from 'select * from stu where name=?';
Query OK, 0 rows affected (0.03 sec)
Statement prepared
mysql> set @name='zhangsan';
Query OK, 0 rows affected (0.00 sec)
mysql> execute select_stu using @name;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
+----+----------+------+------+---------+
1 row in set (0.00 sec)
mysql> set @name="' or ''='";
Query OK, 0 rows affected (0.00 sec)
mysql> execute select_stu using @name;
Empty set (0.02 sec)
--===============================
mysql> set autocommit=0;
Query OK, 0 rows affected (0.00 sec)
mysql> delete from stu where id>10;
Query OK, 5 rows affected (0.03 sec)
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 21 | class115 |
| 8 | ccac | 1 | 26 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 18 | class113 |
+----+----------+------+------+---------+
9 rows in set (0.00 sec)
mysql> update stu set age=age+2 where id in(7,8,10);
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 23 | class115 |
| 8 | ccac | 1 | 28 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 20 | class113 |
+----+----------+------+------+---------+
9 rows in set (0.00 sec)
mysql> rollback;
Query OK, 0 rows affected (0.04 sec)
mysql> select * from stu;
+----+----------+------+------+---------+
| id | name | sex | age | classid |
+----+----------+------+------+---------+
| 1 | zhangsan | 1 | 20 | class113 |
| 3 | wangwu | 1 | 22 | class113 |
| 4 | lisi | 0 | 20 | class113 |
| 5 | aaa | 1 | 23 | class115 |
| 6 | bbbb | 1 | 42 | class113 |
| 7 | ddd | 0 | 21 | class115 |
| 8 | ccac | 1 | 26 | class113 |
| 9 | eee | 0 | 32 | class115 |
| 10 | www | 0 | 18 | class113 |
| 11 | kkak | 1 | 19 | class113 |
| 12 | lll | 0 | 26 | class115 |
| 13 | uuau | 0 | 24 | class113 |
| 14 | yy | 1 | 21 | class113 |
| 15 | ttt | 0 | 20 | class113 |
+----+----------+------+------+---------+
14 rows in set (0.00 sec)
mysql> commit;
Query OK, 0 rows affected (0.00 sec)
点击查看更多内容
为 TA 点赞
评论
共同学习,写下你的评论
评论加载中...
作者其他优质文章
正在加载中
感谢您的支持,我会继续努力的~
扫码打赏,你说多少就多少
赞赏金额会直接到老师账户
支付方式
打开微信扫一扫,即可进行扫码打赏哦