If the input will later be used as parameters to operating system commands, scripts, and database queries, then it is essential that you do so.
如果输入以后会被用作操作系统命令、脚本和数据库查询的参数,那么对输入进行清理是非常重要的。
Replacement operators ensure that malicious scripts can't append SQL into queries to override the existing code and get access to data that they shouldn't see.
替换操作符确保恶意脚本不能将SQL附加到查询中覆盖现有代码,访问它们不应该看到的数据。
应用推荐