说明整数资料和浮点数资料之间的差异,以及如何在指令码中输入数值资料。
Describes the difference between integral and floating-point data and how to enter numeric data in a script.
恶意使用者能够取得要执行的程序码(指令码),方法是将其伪装成页面的使用者输入或连结。
A malicious user manages to get code (script) to execute by masking it as user input from a page or as a link.
显示使用者输入之前,必须先检查输入是否有恶意用户端指令码,例如可执行的指令码或SQL陈述式。
Before displaying user input, the input must be checked for malicious client script, such as executable script or SQL statements.
显示使用者输入之前,必须先检查输入是否有恶意用户端指令码,例如可执行的指令码或SQL陈述式。
Before displaying user input, the input must be checked for malicious client script, such as executable script or SQL statements.
应用推荐