sqlite3: view a table's definition. The double-quoted `"emperors"` only works because sqlite3 falls back to treating an unresolvable double-quoted identifier as a string literal; single quotes are the portable string syntax:

```sql
SELECT * FROM sqlite_master WHERE type='table' AND name='emperors';
```
The users table:

```sql
CREATE TABLE users(userid integer primary key autoincrement, name varchar(512) not null, email varchar(512) not null, pwd varchar(512) not null, role integer not null);
INSERT INTO users (name, email, pwd, role) VALUES ('admin', '[email protected]', 'pwd', 0);
INSERT INTO users (name, email, pwd, role) VALUES ('normal', '[email protected]', 'pwd', 1);
```

SQL injection: the request values are spliced straight into the query text.

```php
// SQL injection: POST values interpolated into the SQL string
$sql = "SELECT * FROM users WHERE name='{$_POST['name']}' AND pwd='{$_POST['pwd']}'";

// What the user submits
$_POST['name'] = 'john';
$_POST['pwd'] = "' OR ''='";
```

The SQL that actually runs (AND binds tighter than OR, so the WHERE clause is true for every row and the first user, admin, is returned without any password):

```sql
SELECT * FROM users WHERE name='john' AND pwd='' OR ''='';
```

Fix: mysql_real_escape_string, PDO::quote, prepared statements / parameterized SQL statements. See https://stackoverflow.com/questions/5857386/how-to-avoid-sql-injection-in-codeigniter
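The vulnerable query from the notes next to a parameterized one, as an added example that is not code from the original notes or from the app they describe. It loads the users table from the notes into an in-memory SQLite database through PDO (the pdo_sqlite extension is assumed); the email addresses are constructed placeholders, and the function names are mine.

```php
<?php
// Added example, not from the original notes. Builds the notes' users table in an
// in-memory SQLite database and runs the same login lookup two ways.

function openDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users(userid integer primary key autoincrement, name varchar(512) not null, '
            . 'email varchar(512) not null, pwd varchar(512) not null, role integer not null)');
    // Constructed placeholder e-mail addresses
    $db->exec("INSERT INTO users (name, email, pwd, role) VALUES ('admin', 'admin@example.com', 'pwd', 0)");
    $db->exec("INSERT INTO users (name, email, pwd, role) VALUES ('normal', 'normal@example.com', 'pwd', 1)");
    return $db;
}

// The pattern from the notes: request values become part of the SQL text.
function loginUnsafe(PDO $db, string $name, string $pwd): ?array {
    $sql = "SELECT * FROM users WHERE name='{$name}' AND pwd='{$pwd}'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Parameterized query: the SQL text is fixed, the values are sent separately,
// so a quote inside a value is data and never becomes syntax.
function loginSafe(PDO $db, string $name, string $pwd): ?array {
    $stmt = $db->prepare('SELECT * FROM users WHERE name = :name AND pwd = :pwd');
    $stmt->execute([':name' => $name, ':pwd' => $pwd]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function nameOf(?array $row): ?string {
    return $row['name'] ?? null;
}

$db = openDb();
$payload = "' OR ''='";   // the password value shown in the notes

// Unsafe: WHERE name='john' AND pwd='' OR ''='' matches every row; the first is admin.
var_dump(nameOf(loginUnsafe($db, 'john', $payload)));   // string(5) "admin"

// Safe: no user named john with that literal password exists.
var_dump(nameOf(loginSafe($db, 'john', $payload)));     // NULL

// A legitimate login still works through the prepared statement.
var_dump(nameOf(loginSafe($db, 'admin', 'pwd')));       // string(5) "admin"
```

The placeholders are bound by name in `execute()`, which is what the notes call a parameterized SQL statement; the same approach works unchanged against MySQL through PDO or CodeIgniter's query bindings.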
CodeIgniter Input class (https://codeigniter.com/user_guide/libraries/input.html): to return all POST items and pass them through the XSS filter, set the first parameter to NULL and the second parameter to boolean TRUE.
Proper, rigorous context-dependent output sanitization. Keywords: context-dependent, context-aware, context-sensitive, auto-escape. See https://security.googleblog.com/2009/03/reducing-xss-by-way-of-automatic.html
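What "context-dependent" means in practice, as an added example that is not code from the original notes or from the app they describe: one untrusted value is rendered into an HTML body, a JavaScript string, a URL query parameter and an href, each with the escaper that fits that context. The function names and the hostile inputs are constructed for the illustration.

```php
<?php
// Added example, not from the original notes: one escaper per output context.

// HTML body and quoted attributes: entity-encode the five significant characters.
function escapeHtml(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// JavaScript string literal inside <script>: JSON-encode with the HEX flags so that
// <, >, &, ' and " become \uXXXX and the literal can never close the script block.
// (An HTML escaper here would not break out, but it corrupts the value the script reads.)
function escapeJsString(string $s): string {
    return json_encode($s, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

// URL query parameter value: percent-encode, then HTML-escape because it sits in an attribute.
function escapeUrlParam(string $s): string {
    return escapeHtml(rawurlencode($s));
}

// A whole URL in href: encoding cannot neutralise a hostile scheme such as javascript:,
// so the scheme is validated against an allow list before the value is escaped.
function safeHref(string $url): string {
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if ($scheme === false) {
        return '#';                                   // unparseable URL
    }
    if ($scheme !== null && !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return '#';                                   // disallowed scheme
    }
    return escapeHtml($url);
}

function renderProfile(string $name, string $site): string {
    return '<p>Hello, ' . escapeHtml($name) . "</p>\n"
         . '<a href="' . safeHref($site) . "\">site</a>\n"
         . '<a href="/search?q=' . escapeUrlParam($name) . "\">search</a>\n"
         . '<script>var userName = ' . escapeJsString($name) . ';</script>';
}

// Constructed hostile inputs for the demonstration
$name = '</script><script>alert(1)</script>';
$site = 'javascript:alert(1)';

echo renderProfile($name, $site), PHP_EOL;
// The name appears as text in the paragraph, as a \u003C...-encoded string in the
// script, and percent-encoded in the search link; the javascript: href is replaced by #.
```

This is the manual form of the auto-escaping the linked Google post describes: a template engine that knows which context it is emitting into picks the escaper for you, so the choice is not left to each developer at each insertion point.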
Note: change the hard-coded file storage path in application/controllers/Upload.php.
XSS and SQL injection warnings