SQL:SELECT a.*, b.subjectname, c.xueduanname FROM tbl_app_resource AS a LEFT JOIN tab_subject AS b ON a.subjectid=b.subjectid LEFT JOIN tab_xueduan AS c ON a.xueduanid=c.xueduanid WHERE a.rsid in ('11627','11837999999.9' /**/union/**/all /**/select 1,(/**/select /**/concat(0x217e21,ifnull(password,char(32)),0x217e21) /**/from users.','12858','12815','-7095' UNION ALL SELECT 8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698#') ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'union/**/all /**/select 1,(/**/select /**/concat(0x217e21,ifnull(password,char(3' at line 7 SQL:SELECT rsid, kppid, kppname FROM tbl_app_resource_kpp WHERE rsid IN ('17971','17969','17966','17965','17959','17957','11627','11837999999.9' /**/union/**/all /**/select 1,(/**/select /**/concat(0x217e21,ifnull(password,char(32)),0x217e21) /**/from users.','12858','12815','-7095' UNION ALL SELECT 8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698,8698#') ORDER BY kppid asc ERROR:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'union/**/all /**/select 1,(/**/select /**/concat(0x217e21,ifnull(password,char(3' at line 3 数理天地