我正在进行一些实验,通过从我指定的SQL关键字数组中进行检查,将字符串JERRY附加到sql语句中的每个sql关键字。我想从搜索变量中删除字符串JERRY,这样,如果我键入一个UNION(SELECT 1,fname,用户名,来自用户的密码);-在搜索输入字段中,打印的sql语句应如下所示;
[SELECTJERRY * FROMJERRY购物WHEREJERRY标题LIKEJERRY'%a'UNION(SELECT 1,fname,username,FROM FROM users);-%'
目标是我不希望输入搜索变量中的SQL关键字具有字符串JERRY。
但是现在,这就是我得到的;
[SELECTJERRY * FROMJERRY购物WHEREJERRY标题LIKEJERRY'%a'UNIONJERRY(SELECT 1,fname,用户名,密码FROMJERRY用户);-%'
我该如何实现?
$search = $_GET['search'];
if (empty($search)) {
echo "Please fill in the search bar";
exit();
}
$keywords = ["SELECT", "FROM", "WHERE", "LIKE", "AND", "OR", "ON","UNION", "JOIN"];
$sql = "SELECT * FROM shopping WHERE title LIKE '%$search%'";
$splittedSql = explode(" ", $sql);
foreach ($splittedSql as $sl) {
if (in_array($sl, $keywords)) {
$newstatement = $sl . "JERRY" . ' ';
} else {
$newstatement = $sl . ' ';
}
echo $newstatement;
}
由于$search
将受到explode
的影响,因此使用空格,我们可以通过用唯一字符替换空格来防止这种情况:
$search = str_replace(" ","uniquecharacters",$search);
然后用空格替换那些独特的字符
$keywords = ["SELECT", "FROM", "WHERE", "LIKE", "AND", "OR", "ON","UNION", "JOIN"];
$search = str_replace(" ","uniquecharacters",$search);
$sql = "SELECT * FROM shopping WHERE title LIKE '%$search%'";
$splittedSql = explode(" ", $sql);
foreach ($splittedSql as $sl) {
if (in_array($sl, $keywords)) {
$newstatement = $sl . "JERRY" . ' ';
} else {
$newstatement = str_replace("uniquecharacters"," ",$sl);
$newstatement = $sl . ' ';
}
echo $newstatement;
}