Still a SQL problem: ORA-00936: missing expression???

streamlong, posted 2011/06/15 15:20
Views: 17K+
Favorites: 0

Why???

// Statement from the question: every value is spliced directly into the SQL text.
// e.getEntityNo() is inserted a second time, unquoted, as the numeric "sequence" value,
// so an empty value leaves ", 123,," in the statement text (ORA-00936 missing expression).
stm.executeUpdate("insert into tb_user(user_id, user_name, full_name, user_code, user_state, password, sequence, string1, string2, string3, string4) values(hibernate_sequence.nextval,'"
        + e.getUserName()      // user_name (quoted)
        + "', '"
        + e.getEntityName()    // full_name (quoted)
        + "', '"
        + e.getEntityNo()      // user_code (quoted)
        + "', 0, 123,"         // user_state = 0, password = 123
        + e.getEntityNo()      // sequence (unquoted number)
        + ",'"
        + e.getWorkPhone()     // string1
        + "', '"
        + e.getAddressPhone()  // string2
        + "', '"
        + e.getTelPhone()      // string3
        + "', '"
        + e.getShortPhone()    // string4
        + "')");

1
红薯

The reason there are so many SQL injection attacks is precisely programs like this.

Print out the SQL you concatenated and take a look. I suggest replacing every parameter with ? and executing it with a PreparedStatement.

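As an added example (not code from this thread), here is the question's insert rewritten the way 红薯 suggests, with JDBC PreparedStatement placeholders; the Employee accessor interface, the connection object and the NUMBER type of the sequence column are assumptions.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Types;

public class UserInsert {
    /** Assumed accessor shape of the entity the question's snippet reads from. */
    public interface Employee {
        String getUserName(); String getEntityName(); String getEntityNo();
        String getWorkPhone(); String getAddressPhone(); String getTelPhone(); String getShortPhone();
    }

    // Every value taken from the entity is now a bound parameter; user_state and
    // password keep the literal 0 and 123 that the original statement hard-coded.
    private static final String SQL =
        "insert into tb_user(user_id, user_name, full_name, user_code, user_state, password,"
      + " sequence, string1, string2, string3, string4)"
      + " values (hibernate_sequence.nextval, ?, ?, ?, 0, 123, ?, ?, ?, ?, ?)";

    public static int insertUser(Connection conn, Employee e) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(SQL)) {
            ps.setString(1, e.getUserName());
            ps.setString(2, e.getEntityName());
            ps.setString(3, e.getEntityNo());
            // In the original, the entity number was concatenated unquoted as the numeric
            // sequence value, so an empty string left "123,,'" in the text and Oracle
            // raised ORA-00936. Bound as a parameter it is either a number or NULL.
            setNullableNumber(ps, 4, e.getEntityNo());
            ps.setString(5, e.getWorkPhone());
            ps.setString(6, e.getAddressPhone());
            ps.setString(7, e.getTelPhone());
            ps.setString(8, e.getShortPhone());
            return ps.executeUpdate();
        }
    }

    // Assumes the sequence column is NUMBER; non-numeric input fails here in Java
    // (NumberFormatException) instead of being spliced into the SQL text.
    private static void setNullableNumber(PreparedStatement ps, int idx, String s)
            throws SQLException {
        if (s == null || s.trim().isEmpty()) {
            ps.setNull(idx, Types.NUMERIC);
        } else {
            ps.setLong(idx, Long.parseLong(s.trim()));
        }
    }
}
```

Logging the SQL text before execution, as the answer suggests, shows the `?` placeholders rather than the data, so the empty value that broke the original can only surface as a NULL or as a Java-side parse error.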
streamlong
Lesson taken to heart!!!
0
streamlong
Found the cause: a data value was empty!!!
0
宏哥

Quoting the answer from "红薯":

The reason there are so many SQL injection attacks is precisely programs like this.

Print out the SQL you concatenated and take a look. I suggest replacing every parameter with ? and executing it with a PreparedStatement.

// Each request value passes through the framework's escape() before it is concatenated
// (escape() is assumed to quote and escape the value; it is not shown in the thread).
$sql = "select count(*) as c"
     . " from cms_controller c, cms_action a"
     . " where a.controller_id = c.id"
     . " and c.name=" . $this->mdb->escape($this->request->controller)
     . " and a.name=" . $this->mdb->escape($this->request->action)
     . " and a.id in (select id from cms_action where protected=false"
     . " union select id from cms_action where protected=true and id in ("
     . " select action_id from cms_profile_action pa, cms_user u"
     . " where u.profile_id=pa.profile_id and u.id=" . $this->mdb->escape($this->user->id)
     . "))";

$c = $this->mdb->query(Database::SELECT, $sql, true)->get("c");


This way it doesn't happen.
streamlong
Brilliant!!!