By Ay 暗影
In this case, MySQL Server parses and executes the code within the comment as it would any other SQL statement, but other SQL servers will ignore the extensions. For example, MySQL Server recognizes theSTRAIGHT_JOIN keyword in the following statement, but If you add a version number after the “!” character, the syntax within the comment is executed only if the MySQL version is greater than or equal to the specified version number. The TEMPORARY keyword in the following comment is executed only by servers The comment syntax just described applies to how the mysqld server parses SQL statements. The mysql client program also performs some parsing of statements before sending them to the server. (It does this to determine statement boundaries within a multiple-statement input line.) */ comments is not supported.
第一部分主要讲的意思是,MYSQL 在遇到/*! SQL 语句*/这种格式的时候,里面的 SQL 以上我们可以看到 where id=1 部分被 mysql 解析了。 第二部分: /*!12345 SQL 语句*/ 然后接下来如何操作来填充其他字符来绕过防火墙就看大家的想象力了,抛砖引玉就到这里 了。 |
|