From SQL Injection to Shell: PostgreSQL edition
SQL注入检测检测方法已经在“From SQL Injection to Shell”中详细描述过。唯一的区别是错误信息:
1Warning: pg_exec(): Query failed: ERROR: unterminated quoted string at or near "'" LINE 1: SELECT * FROM pictures where ...
続きを読む…