I'm using mysqli to resist second-order injection attacks. My code (you needn't pay attention to the spelling of letters, just pay attention to the questions I raised) is:

```php
$sql = "select * from users where username = ? and passcode = ?";
$stmt = $con->prepare($sql);
if (!$stmt) exit("prepare执行错误");
// Both values are bound as strings, never concatenated into the SQL text
$stmt->bind_param("ss", $username, $passwd);
$stmt->execute();
// Branch on affected_rows after a SELECT (the check the question asks about)
if ($stmt->affected_rows > 0)
{
    $result = $stmt->get_result();
    $row = $result->fetch_row();
    if ($row)
    {
        session_start();
        $_SESSION['username'] = $row[1];
        echo $row[1].'欢迎访问!';
        echo "<br>";
        echo "<a href='updatepasswd.html'>修改密码</a>";
    }
    else
    {
        echo "<script>alert('用户名或密码错误!'); history.go(-1);</script>";
    }
    $stmt->close();
}
else
{
    die('SQL语句执行失败, : '.mysqli_error($con));
}
```

Some users in my database are: "admin" and "admin'#". However, no matter which login I use, the SQL statement fails. If you change "if ($stmt->affected_rows > 0)" to "if ($stmt->execute())", no matter which one you use, you will be prompted with the wrong user name or password (but I typed it correctly). What I found by searching says that "execute()" only judges the correctness of the SQL statement and does not care about the results, but my SQL is a query statement. I feel that there is no change in the line after execution, so I don't know what to do. My problem now is to change this query into a parametric query and log in to the account with special characters.

Dharman
han jiang
  • https://www.php.net/manual/en/mysqli.affected-rows.php: _"Returns the number of rows affected by the last INSERT, UPDATE, REPLACE or DELETE query. "_ - you have neither of these statement types here. – CBroe May 23 '22 at 13:43
  • **Never store passwords in clear text or using MD5/SHA1!** Only store password hashes created using PHP's [`password_hash()`](https://php.net/manual/en/function.password-hash.php), which you can then verify using [`password_verify()`](https://php.net/manual/en/function.password-verify.php). Take a look at this post: [How to use password_hash](https://stackoverflow.com/q/30279321/1839439) and learn more about [bcrypt & password hashing in PHP](https://stackoverflow.com/a/6337021/1839439) – Dharman May 23 '22 at 14:05
  • holy jesus, so many errors in this code... start fixing those... – Honk der Hase May 23 '22 at 16:14
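
The login flow from the question with the two points from the comments applied (read the SELECT result instead of `affected_rows`, and store `password_hash()` output checked with `password_verify()`), as an added example that is not part of the original post or its comments. The connection details, the temporary table, the sample passwords and the function names `login()` and `changePassword()` are assumptions made for the illustration.

```php
<?php
// Added example, not the asker's code. Host, credentials and database name are placeholders.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw instead of failing silently
$con = new mysqli('localhost', 'app_user', 'app_password', 'app_db');

// Constructed sample data: the two usernames from the question, in a temporary table.
$con->query("CREATE TEMPORARY TABLE users (
    username VARCHAR(64) PRIMARY KEY,
    passcode VARCHAR(255) NOT NULL)");
$ins = $con->prepare("INSERT INTO users (username, passcode) VALUES (?, ?)");
foreach (["admin" => "pw-one", "admin'#" => "pw-two"] as $name => $plain) {
    $hash = password_hash($plain, PASSWORD_DEFAULT);
    $ins->bind_param("ss", $name, $hash);
    $ins->execute();
}
$ins->close();

// Returns the stored username on success, null otherwise.
function login(mysqli $con, string $username, string $password): ?string
{
    $stmt = $con->prepare("SELECT username, passcode FROM users WHERE username = ?");
    $stmt->bind_param("s", $username);
    $stmt->execute();                          // success here only means the query ran
    $row = $stmt->get_result()->fetch_assoc(); // null when no row matched
    $stmt->close();
    if (!$row || !password_verify($password, $row['passcode'])) {
        return null;
    }
    return $row['username'];
}

// The stored name is bound again here; it is never concatenated into SQL.
function changePassword(mysqli $con, string $storedUsername, string $newPassword): bool
{
    $hash = password_hash($newPassword, PASSWORD_DEFAULT);
    $stmt = $con->prepare("UPDATE users SET passcode = ? WHERE username = ?");
    $stmt->bind_param("ss", $hash, $storedUsername);
    $stmt->execute();
    $changed = $stmt->affected_rows === 1;     // affected_rows applies to UPDATE
    $stmt->close();
    return $changed;
}

$user = login($con, "admin'#", "pw-two");
var_dump($user);
var_dump($user !== null && changePassword($con, $user, "pw-three"));
var_dump(login($con, "admin", "pw-three")); // checks the other account was not changed
```

`get_result()` requires the mysqlnd driver. The same binding rule applies to every later statement that reuses the stored username, which is the second-order case the question is concerned with.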

0 Answers