# 2019/10/29 # 假設一個表格欄位有 stuid, name,要怎麼選擇出只有 name 欄位 SELECT DISTINCT name from AAA; # 承上題插入一個 stuid = 自己學號 name = 帥哥 的語法 INSERT INTO aaa (stuid,name) VALUES ( "D0683173", "帥哥" ); # 為什麼 admin\' 可以繞過防護 經過str_relace才會正確 # 截圖證明完成 SQL Injection I 及SQL Injection II ![](https://i.imgur.com/O9Szkwx.png)
{"metaMigratedAt":"2023-06-15T01:22:58.156Z","metaMigratedFrom":"Content","title":"2019/10/29","breaks":true,"contributors":"[{\"id\":\"93ea6294-abba-4bba-a72f-883752362c9e\",\"add\":295,\"del\":0}]"}
Expand menu