标签:
参加下面:
http://leapar.lofter.com/post/122a03_3028a9
http://huaidan.org/archives/2268.html
https://ilia.ws/archives/103-mysql_real_escape_string-versus-Prepared-Statements.html
sql宽字节注入,绕过单引号
原文地址:http://www.cnblogs.com/shengulong/p/5738206.html