unknown123
Сообщений: 1
Оценки: 0
Присоединился: 2010-08-06 14:01:43.930000
|
Есть sql-injetion http://www.hmbm.co.uk/cart.php?m=product_list&c=17' В ответ приходит notice Notice: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' AND ( ((invTrack = 'O' and (0 < os.inventory or 0 < ppa.invLevel )) O' at line 1 in /home/hmbm2010/public_html/lib/digiSHOP.lib.php on line 146
Notice: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'O' and (0 < os.inventory or 0 < ppa.invLevel )) OR (invTrack = 'P' and 0 < ' at line 1 in /home/hmbm2010/public_html/lib/digiSHOP.lib.php on line 146 Я пробовал составить запрос, но движок после этого вообще не выдавал ошибки.
|