SQL注入自学[第一学：一个简单的注入环境的编写]

/*

转载请注明出处

ID：珍惜少年时

*/

CODE区域：

/*注：现在mysql_connect的这种连接方式已经被放弃了，也就是说不用了，老夫也是新手上路故，下载了一个wampserver2.2的低版本的环境来测试,当然了可以使用“@”符号，当然了用mysqli自然也是可以的。代码有待优化。新手上路嘛。嘻嘻。
*/
php 
$localhost="localhost:3306";
$dbusername="root";
$dbpassword="";
$con=mysql_connect($localhost,$dbusername,$dbpassword);
if (!$con) {
    die('could not connect'.mysql_error());
}else{
    echo "恭喜您成功连接数据库。
";
}
$selectdb=mysql_select_db('sqlinject');
if (!isset($_GET['id'])) {
    echo "亲，还没传参。";
    exit;
}else{
    $queryA = "create database " ;
    $query = "select * from admin where id = " .$_GET['id'];
}
$sql=mysql_query($query);
$mysql_fetch_array=mysql_fetch_array($sql);
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "";
echo "
id
username
password
".$mysql_fetch_array['id']."
".$mysql_fetch_array['username']."
".$mysql_fetch_array['password']."
";
echo "您执行的sql语句是：".$query;
echo "
"."----------------------ID:珍惜少年时----------------------";
mysql_close($con);
 ?>

 

 

 

数据库的创建：

sql>create database sqlinject;                #创建sqlinject数据库
sql>use sqlinject;　　　　　　　　　　　　　　　　 #使用sqlinject库
sql>create table admin　　　　　　　　　　　　　　#admin表的创建
sql>(
sql>id int,                                   
sql>username varchar(255),
sql>password varchar(255)
sql>);
sql>                                          #数据插入
sql>insert into admin(id,username,password) values(1,"admin","admin");
sql>insert into admin(id,username,password) values(2,"liuneng","123456");
sql>insert into admin(id,username,password) values(3,"dapao","6546765");
sql>insert into admin(id,username,password) values(4,"ergou","427543");
sql>insert into admin(id,username,password) values(5,"daniu","2754616");
sql>insert into admin(id,username,password) values(6,"xiaowang","25744451");
sql>insert into admin(id,username,password) values(7,"lanlan","8416864");
sql>insert into admin(id,username,password) values(8,"zhangmei","387415");
sql>insert into admin(id,username,password) values(9,"haixing","8464354");

 

转载于:https://www.cnblogs.com/xishaonian/p/6031522.html