-- Fixture table for the connection-charset test that accompanies this schema.
-- The table default is utf8mb4, but `name` is explicitly declared as gbk;
-- a column-level CHARACTER SET overrides the table default for that column.
CREATE TABLE IF NOT EXISTS `test` (
    `id`   int(11)      NOT NULL AUTO_INCREMENT,
    `name` varchar(222) CHARACTER SET gbk NOT NULL,
    PRIMARY KEY (`id`)
)
    ENGINE = InnoDB
    AUTO_INCREMENT = 2  -- id 1 is inserted explicitly below; generated ids start at 2
    DEFAULT CHARSET = utf8mb4
    COLLATE = utf8mb4_turkish_ci;

-- Single known row, so that any query returning it can be recognised.
INSERT INTO `test` (`id`, `name`)
VALUES (1, 'foo');
<?php
// Regression probe: does a bound parameter stay data when the connection
// charset is switched with a SQL statement instead of being declared to the
// driver? $pdo is supplied by the environment and is not configured here.

// SET NAMES changes the charset on the server side only. The client library
// is not told, so any client-side escaping keeps using the charset the
// connection was opened with.
// NOTE(review): in real code, declare the charset in the DSN (charset=...)
// so that driver and server agree, and prefer utf8mb4 over gbk.
$pdo->query('SET NAMES gbk');

// Test input: byte 0xBF followed by 0x27 (a single quote) and a SQL fragment.
// A correctly bound value is compared against `name` as an ordinary string.
$input = "\xbf\x27 OR 1=2 -- ";

$sql = 'SELECT * FROM test WHERE name = ? LIMIT 1';

// With emulated prepares (the pdo_mysql default; whether this $pdo uses them
// is not visible here) the placeholder is substituted client-side, which is
// where the charset mismatch above matters.
// NOTE(review): setting PDO::ATTR_EMULATE_PREPARES to false sends the value
// separately from the statement text and removes the dependence on escaping.
$statement = $pdo->prepare($sql);
$statement->execute([$input]);

// Dump the full result set for inspection.
var_dump($statement->fetchAll());