$sql = "SELECT * from ".$site->table("ad")." where language_id=".$s[0]." and category='".$s[1]."' and type=0 and state=0 ORDER BY sort_order DESC";
mysql_query($sql);
$s is the parameter passed in through the URL. I would like to ask: what value would $s[0] have to be filled with to cause an injection vulnerability, or is this statement not injectable?
Reply to discussion (solution)
It's possible to fill in anything.
But I can't figure out what would cause harm.
It seems to be limited by the statements that follow, and I don't understand database injection very well.
If any expert knows of a hole here, please point it out.
I recommend using a framework. Your own program will inevitably have some poorly considered places; a framework is different, since some methods are packaged for you automatically, such as anti-SQL-injection.
$s[0] = $s[0]."--"; // add a comment to gather more information
$s[0] = $s[0]." and 0<>(select count(*) from admin)";
That way I'd know whether you have a table called admin, and so on.
I know there is no table called admin; actually I know the structure of the tables. But I still feel there is a problem, even though the harm doesn't seem very big.
where language_id= "" or "" = "" and
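The query from the question, rebuilt with input validation and a prepared statement, as an added example that is not code from this thread. It uses the thread's table and column names (ad, language_id, category, type, state, sort_order); the PDO connection string is a placeholder, the table-name whitelist is constructed, and the input at the bottom mimics the shape of the values discussed in the replies so the check can be run without a database.

```php
<?php
// Added example, not from the thread: validate the URL parameters first,
// then bind them, so the value of $s[0] is never parsed as SQL.

// The question's approach: raw URL values concatenated into the statement.
function buildUnsafeSql(string $table, array $s): string
{
    return "SELECT * from " . $table . " where language_id=" . $s[0]
        . " and category='" . $s[1] . "' and type=0 and state=0 ORDER BY sort_order DESC";
}

// Validation step: language_id must be a non-negative integer and category a
// plain string. Anything else is rejected before any SQL is built.
function validateAdParams(array $s): array
{
    if (!isset($s[0], $s[1])) {
        throw new InvalidArgumentException('both parameters are required');
    }
    $languageId = filter_var($s[0], FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($languageId === false) {
        throw new InvalidArgumentException('language_id must be a non-negative integer');
    }
    return [$languageId, (string) $s[1]];
}

// Query step: the table name comes from a whitelist (constructed here), never
// from input, and the values are bound as typed parameters.
function fetchAds(PDO $pdo, array $s): array
{
    [$languageId, $category] = validateAdParams($s);
    $tables = ['ad' => 'ad'];          // constructed whitelist of allowed table names
    $table  = $tables['ad'];

    $stmt = $pdo->prepare(
        "SELECT * FROM `$table` WHERE language_id = :lang AND category = :cat"
        . " AND type = 0 AND state = 0 ORDER BY sort_order DESC"
    );
    $stmt->bindValue(':lang', $languageId, PDO::PARAM_INT);
    $stmt->bindValue(':cat', $category, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed input in the shape discussed in the replies: a number followed by
// extra SQL. Concatenation carries it straight into the statement.
$s = ['1 and 0<>(select count(*) from admin)--', 'news'];
echo buildUnsafeSql('ad', $s), PHP_EOL;

// The validated path rejects the same value before any query exists.
try {
    validateAdParams($s);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}

// A well-formed request goes through normally (placeholder connection details):
// $pdo = new PDO('mysql:host=localhost;dbname=PLACEHOLDER', 'PLACEHOLDER', 'PLACEHOLDER',
//     [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false]);
// $rows = fetchAds($pdo, ['1', 'news']);
```

Setting PDO::ATTR_EMULATE_PREPARES to false makes the driver send the statement and the values separately, so even the quoted category parameter cannot change the query structure; the integer check on language_id is what closes the unquoted position the question asks about.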