关于FOR XML PATH('')的小疑点,在线

最新推荐文章于 2021-10-23 14:28:09 发布
原创 最新推荐文章于 2021-10-23 14:28:09 发布 · 477 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。

本文介绍了一个具体的SQL查询案例,通过使用FORXML PATH功能来生成带有工作计划的文本消息。展示了如何将表中数据转换为所需格式,并提供了解决方案以改进输出结果。
关于FOR XML PATH('')的小问题,在线求助
我有一个表是这样的
想按一下的查询连成想要的句子: 
SELECT '西门子dp平台核实:你好,平台已登记你本周的工作计划。'+
(SELECT * FROM #abc FOR XML PATH(''))+'祝你工作愉快!'


结果很难看:西门子dp平台核实:你好,平台已登记你本周的工作计划。<a>星期一</a><b>,上午公司会议</b><c>,下午公司会议。</c><a>星期一</a><b>,上午公司会议</b><c>,下午项目拜访。</c><a>星期五</a><b>,上午休假</b><c>,下午门店拜访。</c><a>星期四</a><b>,上午促销活动</b><c>,下午出差。</c><a>星期三</a><b>,上午Seminar</b><c>,下午代理商沟通。</c><a>星期二</a><b>,上午公司会议</b><c>,下午培训。</c><a>星期一</a><b>,上午门店拜访</b><c>,下午项目拜访。</c>祝你工作愉快!
 

------解决方案--------------------------------------------------------
SELECT '西门子dp平台核实:你好,平台已登记你本周的工作计划。'+
stuff((SELECT ','+a FROM (select a+b+c as a from #abc)a FOR XML PATH('')),1,1,'')+'祝你工作愉快!'
------解决方案--------------------------------------------------------
SELECT '西门子dp平台核实:你好,平台已登记你本周的工作计划。'+
(SELECT ''+a+b+c FROM #abc FOR XML PATH(''))+'祝你工作愉快!'

具体请点击:http://www.verydemo.com/demo_c92_i211128.html

iteye_11841
关注
for xml path 排序_LeetCode刷题:排课系列(Topological Sort 拓扑排序)
weixin_42357916的博客
01-17 434
一开始有意识到:如果存在几门课互为prerequisites连成环,就会陷入鸡生蛋循环无法完成所有课程。但我只用了普通的回溯法去做,test case超时。看提示发现这道题涉及到Topological Sort 拓扑排序,之前并没有接触过这一类型的题目,搜一下知乎看到这个讲解还不错:Uno Whoiam:拓扑排序的实现方法以及环路检测​zhuanlan.zhihu.com下面用一个简单的例子来过一...
关于for xml path('')
weixin_30337251的博客
06-29 280
今天在项目中遇到一个问题,在综合查询的时候,需要把同一个表中,同一个人的某个属性加起来放在一个字段中,这时候需要for xml path('') select * from t_Baseinfo bi left join (   select DISTINCT b.PersonID,    STUFF( ( select ','+ a.Featur...
mysql中for xml path_for XML path 使用技巧
weixin_39814093的博客
01-28 4540
FOR XML PATH 是sqlserver数据库的语法,能将查询出的数据转换成xml格式的数据.首先,我们来看一个正常的查询:SELECTTOP2id,name,crDateFROMsys.sysobjects查询出的是表格形式数据, 如果改成xml格式,则如下SELECTTOP2id,name,crDateFROMsys.sysobjectsFORXMLPATH...
for xml path
weixin_33940102的博客
06-01 135
测试建表create table WebNewsInfo(ID int identity(1,1),NewsTitle varchar(32) not null,HotFlag tinyint not null)alter table WebNewsInfo add constraint PK_WebNewsInfo_ID primary key(ID)insert into WebNewsIn...
使用for xml path()进行字符串拼接
weixin_30457465的博客
06-15 200
Department表 Employee表 查询结果: 查询每个部门的人员名称 首先创建视图查询出各个部门的人员名称: CREATE VIEW dbo.View_1AS SELECT dbo.Department.DepName, dbo.Employee.EmpName FROM dbo.Department INNER JOIN...
我的makefile代码如下:define write_to_file @echo "local $(1)_PROC_LIST='$($(1)_SORTED_PROC)'" >> filesystem/etc/mode-switch/ms_proclist @echo "local $(1)_ACTION_LIST='$($(1)_SORTED_ACTION)'" >> filesystem/etc/mode-switch/ms_proclist @echo "local $(1)_BG_LIST='$($(1)_BACKGROUND_LIST)'" >> filesystem/etc/mode-switch/ms_proclist endef $(foreach scene,$(SCENES),$(call write_to_file,$(scene))),输出结果:#!/bin/sh local factory_to_agent_PROC_LIST='apsd wportal' local factory_to_agent_ACTION_LIST='restart wportal_factory_to_agent' local factory_to_agent_BG_LIST=' 1 1' @echo local agent_to_controller_PROC_LIST='apsd' local agent_to_controller_ACTION_LIST='stop' local agent_to_controller_BG_LIST=' 1' @echo local controller_to_agent_PROC_LIST='apsd wportal' local controller_to_agent_ACTION_LIST='restart wportal_ctrl_to_agent' local controller_to_agent_BG_LIST=' 1 1' 为什么会出现for循环的前后两行输出到一行?
11-20
关于`@echo`出现在输出文件中:这几乎是不可能的,因为`echo`命令本身不会输出`@echo`。所以,这些`@echo`很可能是由Makefile打印出来的命令回显。 但是,我们在命令前加了`@`,所以不应该回显。那么,为什么会有...
如何基于这段代码“# YOLOv5 🚀 by Ultralytics, AGPL-3.0 license # PASCAL VOC dataset http://host.robots.ox.ac.uk/pascal/VOC by University of Oxford # Example usage: python train.py --data VOC.yaml # parent # ├── yolov5 # └── datasets # └── VOC ← downloads here (2.8 GB) # Train/val/test sets as 1) dir: path/to/imgs, 2) file: path/to/imgs.txt, or 3) list: [path/to/imgs1, path/to/imgs2, ..] path: ../datasets/VOC train: # train images (relative to 'path&#39;) 16551 images - images/train2012 - images/train2007 - images/val2012 - images/val2007 val: # val images (relative to 'path&#39;) 4952 images - images/test2007 test: # test images (optional) - images/test2007 # Classes names: 0: aeroplane 1: bicycle 2: bird 3: boat 4: bottle 5: bus 6: car 7: cat 8: chair 9: cow 10: diningtable 11: dog 12: horse 13: motorbike 14: person 15: pottedplant 16: sheep 17: sofa 18: train 19: tvmonitor # Download script/URL (optional) --------------------------------------------------------------------------------------- download: | import xml.etree.ElementTree as ET from tqdm import tqdm from utils.general import download, Path def convert_label(path, lb_path, year, image_id): def convert_box(size, box): dw, dh = 1. / size[0], 1. / size[1] x, y, w, h = (box[0] + box[1]) / 2.0 - 1, (box[2] + box[3]) / 2.0 - 1, box[1] - box[0], box[3] - box[2] return x * dw, y * dh, w * dw, h * dh in_file = open(path / f'VOC{year}/Annotations/{image_id}.xml&#39;) out_file = open(lb_path, 'w&#39;) tree = ET.parse(in_file) root = tree.getroot() size = root.find('size&#39;) w = int(size.find('width&#39;).text) h = int(size.find('height&#39;).text) names = list(yaml['names'].values()) # names list for obj in root.iter('object&#39;): cls = obj.find('name&#39;).text if cls in names and int(obj.find('difficult&#39;).text) != 1: xmlbox = obj.find('bndbox&#39;) bb = convert_box((w, h), [float(xmlbox.find(x).text) for x in ('xmin', 'xmax', 'ymin', 'ymax&#39;)]) cls_id = names.index(cls) # class id out_file.write(" ".join([str(a) for a in (cls_id, *bb)]) + '\n&#39;) # Download dir = Path(yaml['path']) # dataset root dir url = 'https://github.com/ultralytics/yolov5/releases/download/v1.0/' urls = [f'{url}VOCtrainval_06-Nov-2007.zip', # 446MB, 5012 images f'{url}VOCtest_06-Nov-2007.zip', # 438MB, 4953 images f'{url}VOCtrainval_11-May-2012.zip'] # 1.95GB, 17126 images download(urls, dir=dir / 'images', delete=False, curl=True, threads=3) # Convert path = dir / 'images/VOCdevkit' for year, image_set in ('2012', 'train&#39;), ('2012', 'val&#39;), ('2007', 'train&#39;), ('2007', 'val&#39;), ('2007', 'test&#39;): imgs_path = dir / 'images' / f'{image_set}{year}' lbs_path = dir / 'labels' / f'{image_set}{year}' imgs_path.mkdir(exist_ok=True, parents=True) lbs_path.mkdir(exist_ok=True, parents=True) with open(path / f'VOC{year}/ImageSets/Main/{image_set}.txt&#39;) as f: image_ids = f.read().strip().split() for id in tqdm(image_ids, desc=f'{image_set}{year}&#39;): f = path / f'VOC{year}/JPEGImages/{id}.jpg' # old img path lb_path = (lbs_path / f.name).with_suffix('.txt&#39;) # new label path f.rename(imgs_path / f.name) # move image convert_label(path, lb_path, year, id) # convert labels to YOLO format ”下载VOC数据集。
08-30
in_file = open(path / f'VOC{year}/Annotations/{image_id}.xml&#39;) tree = ET.parse(in_file) root = tree.getroot() size = root.find('size&#39;) w = int(size.find('width&#39;).text) h = int(size.find('height'...
for file in get_filenames(Scramble_path): if 'Voltage' in file: if Die_X == file.split('_&#39;)[0] and Die_Y == file.split('_&#39;)[1]: print(Die_X, Die_Y) all_data = pd.read_csv(f'{Scramble_path}/{file}&#39;) print("实际列名列表:", all_data.columns.tolist()) # print("构造的列名:", Config.Test_Voltage[0] + 'V&#39;) # print("列名类型检查:", type(all_data.columns[0]), type(Config.Test_Voltage[0] + 'V&#39;)) all_data = all_data.fillna('P&#39;) for Vol1 in ['P', 'F']: for Vol2 in ['P', 'F']: for Vol3 in ['P', 'F']: # for Vol1 in ['F']: # for Vol2 in ['F']: # for Vol3 in ['F']: if [int(Die_X), int(Die_Y)] in OS_list: M16.append([Vol1, Vol2, Vol3, Die_X, Die_Y, -1]) else: # 根据电压选择 # print(Config.Test_Voltage[0] + 'V&#39;) count = all_data[ (all_data[Config.Test_Voltage[0]+'V'] == Vol1) & (all_data[Config.Test_Voltage[1]+'V'] == Vol2) & (all_data[Config.Test_Voltage[2]+'V'] == Vol3) ].shape[0] # print(Config.Test_Voltage[0]+'V&#39;) M16.append([Vol1, Vol2, Vol3, Die_X, Die_Y, count]) 修改代码使得部分一:for Vol1 in ['P', 'F']: for Vol2 in ['P', 'F']: for Vol3 in ['P', 'F']: 和部分二:count = all_data[ (all_data[Config.Test_Voltage[0]+'V'] == Vol1) & (all_data[Config.Test_Voltage[1]+'V'] == Vol2) & (all_data[Config.Test_Voltage[2]+'V'] == Vol3) ].shape[0] 更灵活,不局限于3,而是根据Config.Test_Voltage中的数量来输出
11-19
for file in get_filenames(Scramble_path): if 'Voltage' in file: if Die_X == file.split('_&#39;)[0] and Die_Y == file.split('_&#39;)[1]: print(Die_X, Die_Y) all_data = pd.read_csv(f'{Scramble_path}/{file}...
zzz@zzz-virtual-machine:~/Desktop$ curl "http://192.168.20.128:8000/vuln/?geom=SRID=4326;SELECT%20version();--" <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="robots" content="NONE,NOARCHIVE"> <title>DisallowedHost at /vuln/</title> <style type="text/css"> html * { padding:0; margin:0; } body * { padding:10px 20px; } body * * { padding:0; } body { font:small sans-serif; background-color:#fff; color:#000; } body>div { border-bottom:1px solid #ddd; } h1 { font-weight:normal; } h2 { margin-bottom:.8em; } h3 { margin:1em 0 .5em 0; } h4 { margin:0 0 .5em 0; font-weight: normal; } code, pre { font-size: 100%; white-space: pre-wrap; } table { border:1px solid #ccc; border-collapse: collapse; width:100%; background:white; } tbody td, tbody th { vertical-align:top; padding:2px 3px; } thead th { padding:1px 6px 1px 3px; background:#fefefe; text-align:left; font-weight:normal; font-size:11px; border:1px solid #ddd; } tbody th { width:12em; text-align:right; color:#666; padding-right:.5em; } table.vars { margin:5px 0 2px 40px; } table.vars td, table.req td { font-family:monospace; } table td.code { width:100%; } table td.code pre { overflow:hidden; } table.source th { color:#666; } table.source td { font-family:monospace; white-space:pre; border-bottom:1px solid #eee; } ul.traceback { list-style-type:none; color: #222; } ul.traceback li.frame { padding-bottom:1em; color:#4f4f4f; } ul.traceback li.user { background-color:#e0e0e0; color:#000 } div.context { padding:10px 0; overflow:hidden; } div.context ol { padding-left:30px; margin:0 10px; list-style-position: inside; } div.context ol li { font-family:monospace; white-space:pre; color:#777; cursor:pointer; padding-left: 2px; } div.context ol li pre { display:inline; } div.context ol.context-line li { color:#464646; background-color:#dfdfdf; padding: 3px 2px; } div.context ol.context-line li span { position:absolute; right:32px; } .user div.context ol.context-line li { background-color:#bbb; color:#000; } .user div.context ol li { color:#666; } div.commands { margin-left: 40px; } div.commands a { color:#555; text-decoration:none; } .user div.commands a { color: black; } #summary { background: #ffc; } #summary h2 { font-weight: normal; color: #666; } #explanation { background:#eee; } #template, #template-not-exist { background:#f6f6f6; } #template-not-exist ul { margin: 0 0 10px 20px; } #template-not-exist .postmortem-section { margin-bottom: 3px; } #unicode-hint { background:#eee; } #traceback { background:#eee; } #requestinfo { background:#f6f6f6; padding-left:120px; } #summary table { border:none; background:transparent; } #requestinfo h2, #requestinfo h3 { position:relative; margin-left:-100px; } #requestinfo h3 { margin-bottom:-1em; } .error { background: #ffc; } .specific { color:#cc3300; font-weight:bold; } h2 span.commands { font-size:.7em; font-weight:normal; } span.commands a:link {color:#5E5694;} pre.exception_value { font-family: sans-serif; color: #575757; font-size: 1.5em; margin: 10px 0 10px 0; } .append-bottom { margin-bottom: 10px; } </style> <script type="text/javascript"> function hideAll(elems) { for (var e = 0; e < elems.length; e++) { elems[e].style.display = 'none'; } } window.onload = function() { hideAll(document.querySelectorAll('table.vars&#39;)); hideAll(document.querySelectorAll('ol.pre-context&#39;)); hideAll(document.querySelectorAll('ol.post-context&#39;)); hideAll(document.querySelectorAll('div.pastebin&#39;)); } function toggle() { for (var i = 0; i < arguments.length; i++) { var e = document.getElementById(arguments[i]); if (e) { e.style.display = e.style.display == 'none' ? 'block': 'none'; } } return false; } function varToggle(link, id) { toggle('v' + id); var s = link.getElementsByTagName('span&#39;)[0]; var uarr = String.fromCharCode(0x25b6); var darr = String.fromCharCode(0x25bc); s.textContent = s.textContent == uarr ? darr : uarr; return false; } function switchPastebinFriendly(link) { s1 = "Switch to copy-and-paste view"; s2 = "Switch back to interactive view"; link.textContent = link.textContent.trim() == s1 ? s2: s1; toggle('browserTraceback', 'pastebinTraceback&#39;); return false; } </script> </head> <body> <div id="summary"> <h1>DisallowedHost at /vuln/</h1> <pre class="exception_value">Invalid HTTP_HOST header: '192.168.20.128:8000'. You may need to add '192.168.20.128' to ALLOWED_HOSTS.</pre> <table class="meta"> <tr> <th>Request Method:</th> <td>GET</td> </tr> <tr> <th>Request URL:</th> <td>http://192.168.20.128:8000/vuln/?geom=SRID=4326;SELECT%20version();--</td> </tr> <tr> <th>Django Version:</th> <td>3.0.3</td> </tr> <tr> <th>Exception Type:</th> <td>DisallowedHost</td> </tr> <tr> <th>Exception Value:</th> <td><pre>Invalid HTTP_HOST header: '192.168.20.128:8000'. You may need to add '192.168.20.128' to ALLOWED_HOSTS.</pre></td> </tr> <tr> <th>Exception Location:</th> <td>/usr/local/lib/python3.10/dist-packages/django/http/request.py in get_host, line 122</td> </tr> <tr> <th>Python Executable:</th> <td>/usr/bin/python3</td> </tr> <tr> <th>Python Version:</th> <td>3.10.12</td> </tr> <tr> <th>Python Path:</th> <td><pre>['/root/django_cve_2020_9402', '/usr/lib/python310.zip', '/usr/lib/python3.10', '/usr/lib/python3.10/lib-dynload', '/usr/local/lib/python3.10/dist-packages', '/usr/lib/python3/dist-packages']</pre></td> </tr> <tr> <th>Server time:</th> <td>Sun, 30 Nov 2025 15:13:50 +0000</td> </tr> </table> </div> <div id="traceback"> <h2>Traceback <span class="commands"><a href="#" onclick="return switchPastebinFriendly(this);"> Switch to copy-and-paste view</a></span> </h2> <div id="browserTraceback"> <ul class="traceback"> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/core/handlers/exception.py</code> in <code>inner</code> <div class="context" id="c139322622269440"> <ol start="27" class="pre-context" id="pre139322622269440"> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> This decorator is automatically applied to all middleware to ensure that</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> no middleware leaks an exception and that the next middleware in the stack</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> can rely on getting a response instead of an exception.</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> """</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> @wraps(get_response)</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> def inner(request):</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> try:</pre></li> </ol> <ol start="34" class="context-line"> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> response = get_response(request)</pre> <span>…</span></li> </ol> <ol start='35' class="post-context" id="post139322622269440"> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> except Exception as exc:</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> response = response_for_exception(request, exc)</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> return response</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre> return inner</pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre></pre></li> <li onclick="toggle('pre139322622269440', 'post139322622269440&#39;)"><pre></pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322622269440&#39;)"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322622269440"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>exc</td> <td class="code"><pre>DisallowedHost("Invalid HTTP_HOST header: '192.168.20.128:8000'. You may need to add '192.168.20.128' to ALLOWED_HOSTS.&quot;)</pre></td> </tr> <tr> <td>get_response</td> <td class="code"><pre><django.middleware.common.CommonMiddleware object at 0x7eb69376d9c0></pre></td> </tr> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/vuln/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> </tbody> </table> </li> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/utils/deprecation.py</code> in <code>__call__</code> <div class="context" id="c139322622271488"> <ol start="86" class="pre-context" id="pre139322622271488"> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> def __init__(self, get_response=None):</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> self.get_response = get_response</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> super().__init__()</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre></pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> def __call__(self, request):</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> response = None</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> if hasattr(self, 'process_request&#39;):</pre></li> </ol> <ol start="93" class="context-line"> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> response = self.process_request(request)</pre> <span>…</span></li> </ol> <ol start='94' class="post-context" id="post139322622271488"> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> response = response or self.get_response(request)</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> if hasattr(self, 'process_response&#39;):</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> response = self.process_response(request, response)</pre></li> <li onclick="toggle('pre139322622271488', 'post139322622271488&#39;)"><pre> return response</pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322622271488&#39;)"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322622271488"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/vuln/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> <tr> <td>response</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>self</td> <td class="code"><pre><django.middleware.common.CommonMiddleware object at 0x7eb69376d9c0></pre></td> </tr> </tbody> </table> </li> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/middleware/common.py</code> in <code>process_request</code> <div class="context" id="c139322622275264"> <ol start="41" class="pre-context" id="pre139322622275264"> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> user_agent = request.META.get('HTTP_USER_AGENT&#39;)</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> if user_agent is not None:</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> for user_agent_regex in settings.DISALLOWED_USER_AGENTS:</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> if user_agent_regex.search(user_agent):</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> raise PermissionDenied('Forbidden user agent&#39;)</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre></pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> # Check for a redirect based on settings.PREPEND_WWW</pre></li> </ol> <ol start="48" class="context-line"> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> host = request.get_host()</pre> <span>…</span></li> </ol> <ol start='49' class="post-context" id="post139322622275264"> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> must_prepend = settings.PREPEND_WWW and host and not host.startswith('www.&#39;)</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> redirect_url = ('%s://www.%s' % (request.scheme, host)) if must_prepend else ''</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre></pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> # Check if a slash should be appended</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> if self.should_redirect_with_slash(request):</pre></li> <li onclick="toggle('pre139322622275264', 'post139322622275264&#39;)"><pre> path = self.get_full_path_with_slash(request)</pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322622275264&#39;)"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322622275264"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/vuln/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> <tr> <td>self</td> <td class="code"><pre><django.middleware.common.CommonMiddleware object at 0x7eb69376d9c0></pre></td> </tr> <tr> <td>user_agent</td> <td class="code"><pre>'curl/7.81.0'</pre></td> </tr> </tbody> </table> </li> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/http/request.py</code> in <code>get_host</code> <div class="context" id="c139322622272448"> <ol start="115" class="pre-context" id="pre139322622272448"> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> return host</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> else:</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> msg = "Invalid HTTP_HOST header: %r." % host</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> if domain:</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> msg += " You may need to add %r to ALLOWED_HOSTS." % domain</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> else:</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> msg += " The domain name provided is not valid according to RFC 1034/1035."</pre></li> </ol> <ol start="122" class="context-line"> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> raise DisallowedHost(msg)</pre> <span>…</span></li> </ol> <ol start='123' class="post-context" id="post139322622272448"> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre></pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> def get_port(self):</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> """Return the port number for the request as a string."""</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> if settings.USE_X_FORWARDED_PORT and 'HTTP_X_FORWARDED_PORT' in self.META:</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> port = self.META['HTTP_X_FORWARDED_PORT']</pre></li> <li onclick="toggle('pre139322622272448', 'post139322622272448&#39;)"><pre> else:</pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322622272448&#39;)"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322622272448"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>allowed_hosts</td> <td class="code"><pre>['localhost', '127.0.0.1', '[::1]']</pre></td> </tr> <tr> <td>domain</td> <td class="code"><pre>'192.168.20.128'</pre></td> </tr> <tr> <td>host</td> <td class="code"><pre>'192.168.20.128:8000'</pre></td> </tr> <tr> <td>msg</td> <td class="code"><pre>("Invalid HTTP_HOST header: '192.168.20.128:8000'. You may need to add " "'192.168.20.128' to ALLOWED_HOSTS.&quot;)</pre></td> </tr> <tr> <td>port</td> <td class="code"><pre>'8000'</pre></td> </tr> <tr> <td>self</td> <td class="code"><pre><WSGIRequest: GET '/vuln/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> </tbody> </table> </li> </ul> </div> <form action="http://dpaste.com/" name="pasteform" id="pasteform" method="post"> <div id="pastebinTraceback" class="pastebin"> <input type="hidden" name="language" value="PythonConsole"> <input type="hidden" name="title" value="DisallowedHost at /vuln/"> <input type="hidden" name="source" value="Django Dpaste Agent"> <input type="hidden" name="poster" value="Django"> <textarea name="content" id="traceback_area" cols="140" rows="25"> Environment: Request Method: GET Request URL: http://192.168.20.128:8000/vuln/?geom=SRID=4326;SELECT%20version();-- Django Version: 3.0.3 Python Version: 3.10.12 Installed Applications: ['django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'app'] Installed Middleware: ['django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware'] Traceback (most recent call last): File "/usr/local/lib/python3.10/dist-packages/django/core/handlers/exception.py", line 34, in inner response = get_response(request) File "/usr/local/lib/python3.10/dist-packages/django/utils/deprecation.py", line 93, in __call__ response = self.process_request(request) File "/usr/local/lib/python3.10/dist-packages/django/middleware/common.py", line 48, in process_request host = request.get_host() File "/usr/local/lib/python3.10/dist-packages/django/http/request.py", line 122, in get_host raise DisallowedHost(msg) Exception Type: DisallowedHost at /vuln/ Exception Value: Invalid HTTP_HOST header: '192.168.20.128:8000'. You may need to add '192.168.20.128' to ALLOWED_HOSTS. </textarea> <br><br> <input type="submit" value="Share this traceback on a public website"> </div> </form> </div> <div id="requestinfo"> <h2>Request information</h2> <h3 id="user-info">USER</h3> <p>[unable to retrieve the current user]</p> <h3 id="get-info">GET</h3> <table class="req"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>geom</td> <td class="code"><pre>'SRID=4326'</pre></td> </tr> <tr> <td>SELECT version()</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>--</td> <td class="code"><pre>''</pre></td> </tr> </tbody> </table> <h3 id="post-info">POST</h3> <p>No POST data</p> <h3 id="files-info">FILES</h3> <p>No FILES data</p> <h3 id="cookie-info">COOKIES</h3> <p>No cookie data</p> <h3 id="meta-info">META</h3> <table class="req"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>COLORTERM</td> <td class="code"><pre>'truecolor'</pre></td> </tr> <tr> <td>CONTENT_LENGTH</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>CONTENT_TYPE</td> <td class="code"><pre>'text/plain'</pre></td> </tr> <tr> <td>DEBUGINFOD_URLS</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>DISPLAY</td> <td class="code"><pre>':0'</pre></td> </tr> <tr> <td>DJANGO_SETTINGS_MODULE</td> <td class="code"><pre>'vuln.settings'</pre></td> </tr> <tr> <td>GATEWAY_INTERFACE</td> <td class="code"><pre>'CGI/1.1'</pre></td> </tr> <tr> <td>HOME</td> <td class="code"><pre>'/root'</pre></td> </tr> <tr> <td>HTTP_ACCEPT</td> <td class="code"><pre>'*/*'</pre></td> </tr> <tr> <td>HTTP_HOST</td> <td class="code"><pre>'192.168.20.128:8000'</pre></td> </tr> <tr> <td>HTTP_USER_AGENT</td> <td class="code"><pre>'curl/7.81.0'</pre></td> </tr> <tr> <td>LANG</td> <td class="code"><pre>'en_US.UTF-8'</pre></td> </tr> <tr> <td>LANGUAGE</td> <td class="code"><pre>'en_US:'</pre></td> </tr> <tr> <td>LC_ADDRESS</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_IDENTIFICATION</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_MEASUREMENT</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_MONETARY</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_NAME</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_NUMERIC</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_PAPER</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_TELEPHONE</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_TIME</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LESSCLOSE</td> <td class="code"><pre>'/usr/bin/lesspipe %s %s'</pre></td> </tr> <tr> <td>LESSOPEN</td> <td class="code"><pre>'| /usr/bin/lesspipe %s'</pre></td> </tr> <tr> <td>LOGNAME</td> <td class="code"><pre>'root'</pre></td> </tr> <tr> <td>LS_COLORS</td> <td class="code"><pre>'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:'</pre></td> </tr> <tr> <td>MAIL</td> <td class="code"><pre>'/var/mail/root'</pre></td> </tr> <tr> <td>OLDPWD</td> <td class="code"><pre>'/root/vulhub/django/CVE-2020-9402/src'</pre></td> </tr> <tr> <td>PATH</td> <td class="code"><pre>'/xp/server/docker:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/xp/server/docker'</pre></td> </tr> <tr> <td>PATH_INFO</td> <td class="code"><pre>'/vuln/'</pre></td> </tr> <tr> <td>PWD</td> <td class="code"><pre>'/root/django_cve_2020_9402'</pre></td> </tr> <tr> <td>QUERY_STRING</td> <td class="code"><pre>'geom=SRID=4326;SELECT%20version();--'</pre></td> </tr> <tr> <td>REMOTE_ADDR</td> <td class="code"><pre>'192.168.20.128'</pre></td> </tr> <tr> <td>REMOTE_HOST</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>REQUEST_METHOD</td> <td class="code"><pre>'GET'</pre></td> </tr> <tr> <td>RUN_MAIN</td> <td class="code"><pre>'true'</pre></td> </tr> <tr> <td>SCRIPT_NAME</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>SERVER_NAME</td> <td class="code"><pre>'zzz-virtual-machine'</pre></td> </tr> <tr> <td>SERVER_PORT</td> <td class="code"><pre>'8000'</pre></td> </tr> <tr> <td>SERVER_PROTOCOL</td> <td class="code"><pre>'HTTP/1.1'</pre></td> </tr> <tr> <td>SERVER_SOFTWARE</td> <td class="code"><pre>'WSGIServer/0.2'</pre></td> </tr> <tr> <td>SHELL</td> <td class="code"><pre>'/bin/bash'</pre></td> </tr> <tr> <td>SHLVL</td> <td class="code"><pre>'1'</pre></td> </tr> <tr> <td>SUDO_COMMAND</td> <td class="code"><pre>'/bin/bash'</pre></td> </tr> <tr> <td>SUDO_GID</td> <td class="code"><pre>'1000'</pre></td> </tr> <tr> <td>SUDO_UID</td> <td class="code"><pre>'1000'</pre></td> </tr> <tr> <td>SUDO_USER</td> <td class="code"><pre>'zzz'</pre></td> </tr> <tr> <td>TERM</td> <td class="code"><pre>'xterm-256color'</pre></td> </tr> <tr> <td>TZ</td> <td class="code"><pre>'UTC'</pre></td> </tr> <tr> <td>USER</td> <td class="code"><pre>'root'</pre></td> </tr> <tr> <td>XAUTHORITY</td> <td class="code"><pre>'/run/user/1000/.mutter-Xwaylandauth.T2BDG3'</pre></td> </tr> <tr> <td>XDG_CURRENT_DESKTOP</td> <td class="code"><pre>'ubuntu:GNOME'</pre></td> </tr> <tr> <td>XDG_DATA_DIRS</td> <td class="code"><pre>'/usr/share/gnome:/usr/local/share:/usr/share:/var/lib/snapd/desktop'</pre></td> </tr> <tr> <td>_</td> <td class="code"><pre>'/usr/bin/python3'</pre></td> </tr> <tr> <td>wsgi.errors</td> <td class="code"><pre><_io.TextIOWrapper name='<stderr>' mode='w' encoding='utf-8'></pre></td> </tr> <tr> <td>wsgi.file_wrapper</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>wsgi.input</td> <td class="code"><pre><django.core.handlers.wsgi.LimitedStream object at 0x7eb693612f80></pre></td> </tr> <tr> <td>wsgi.multiprocess</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>wsgi.multithread</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>wsgi.run_once</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>wsgi.url_scheme</td> <td class="code"><pre>'http'</pre></td> </tr> <tr> <td>wsgi.version</td> <td class="code"><pre>(1, 0)</pre></td> </tr> </tbody> </table> <h3 id="settings-info">Settings</h3> <h4>Using settings module <code>vuln.settings</code></h4> <table class="req"> <thead> <tr> <th>Setting</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>ABSOLUTE_URL_OVERRIDES</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>ADMINS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>ALLOWED_HOSTS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>APPEND_SLASH</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>AUTHENTICATION_BACKENDS</td> <td class="code"><pre>['django.contrib.auth.backends.ModelBackend']</pre></td> </tr> <tr> <td>AUTH_PASSWORD_VALIDATORS</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>AUTH_USER_MODEL</td> <td class="code"><pre>'auth.User'</pre></td> </tr> <tr> <td>BASE_DIR</td> <td class="code"><pre>'/root/django_cve_2020_9402'</pre></td> </tr> <tr> <td>CACHES</td> <td class="code"><pre>{'default': {'BACKEND': 'django.core.cache.backends.locmem.LocMemCache'}}</pre></td> </tr> <tr> <td>CACHE_MIDDLEWARE_ALIAS</td> <td class="code"><pre>'default'</pre></td> </tr> <tr> <td>CACHE_MIDDLEWARE_KEY_PREFIX</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>CACHE_MIDDLEWARE_SECONDS</td> <td class="code"><pre>600</pre></td> </tr> <tr> <td>CSRF_COOKIE_AGE</td> <td class="code"><pre>31449600</pre></td> </tr> <tr> <td>CSRF_COOKIE_DOMAIN</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>CSRF_COOKIE_HTTPONLY</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>CSRF_COOKIE_NAME</td> <td class="code"><pre>'csrftoken'</pre></td> </tr> <tr> <td>CSRF_COOKIE_PATH</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>CSRF_COOKIE_SAMESITE</td> <td class="code"><pre>'Lax'</pre></td> </tr> <tr> <td>CSRF_COOKIE_SECURE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>CSRF_FAILURE_VIEW</td> <td class="code"><pre>'django.views.csrf.csrf_failure'</pre></td> </tr> <tr> <td>CSRF_HEADER_NAME</td> <td class="code"><pre>'HTTP_X_CSRFTOKEN'</pre></td> </tr> <tr> <td>CSRF_TRUSTED_ORIGINS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>CSRF_USE_SESSIONS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>DATABASES</td> <td class="code"><pre>{'default': {'ATOMIC_REQUESTS': False, 'AUTOCOMMIT': True, 'CONN_MAX_AGE': 0, 'ENGINE': 'django.db.backends.sqlite3', 'HOST': '', 'NAME': '/root/django_cve_2020_9402/db.sqlite3', 'OPTIONS': {}, 'PASSWORD': '********************', 'PORT': '', 'TEST': {'CHARSET': None, 'COLLATION': None, 'MIRROR': None, 'NAME': None}, 'TIME_ZONE': None, 'USER': ''}}</pre></td> </tr> <tr> <td>DATABASE_ROUTERS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>DATA_UPLOAD_MAX_MEMORY_SIZE</td> <td class="code"><pre>2621440</pre></td> </tr> <tr> <td>DATA_UPLOAD_MAX_NUMBER_FIELDS</td> <td class="code"><pre>1000</pre></td> </tr> <tr> <td>DATETIME_FORMAT</td> <td class="code"><pre>'N j, Y, P'</pre></td> </tr> <tr> <td>DATETIME_INPUT_FORMATS</td> <td class="code"><pre>['%Y-%m-%d %H:%M:%S', '%Y-%m-%d %H:%M:%S.%f', '%Y-%m-%d %H:%M', '%Y-%m-%d', '%m/%d/%Y %H:%M:%S', '%m/%d/%Y %H:%M:%S.%f', '%m/%d/%Y %H:%M', '%m/%d/%Y', '%m/%d/%y %H:%M:%S', '%m/%d/%y %H:%M:%S.%f', '%m/%d/%y %H:%M', '%m/%d/%y']</pre></td> </tr> <tr> <td>DATE_FORMAT</td> <td class="code"><pre>'N j, Y'</pre></td> </tr> <tr> <td>DATE_INPUT_FORMATS</td> <td class="code"><pre>['%Y-%m-%d', '%m/%d/%Y', '%m/%d/%y', '%b %d %Y', '%b %d, %Y', '%d %b %Y', '%d %b, %Y', '%B %d %Y', '%B %d, %Y', '%d %B %Y', '%d %B, %Y']</pre></td> </tr> <tr> <td>DEBUG</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>DEBUG_PROPAGATE_EXCEPTIONS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>DECIMAL_SEPARATOR</td> <td class="code"><pre>'.'</pre></td> </tr> <tr> <td>DEFAULT_CHARSET</td> <td class="code"><pre>'utf-8'</pre></td> </tr> <tr> <td>DEFAULT_EXCEPTION_REPORTER_FILTER</td> <td class="code"><pre>'django.views.debug.SafeExceptionReporterFilter'</pre></td> </tr> <tr> <td>DEFAULT_FILE_STORAGE</td> <td class="code"><pre>'django.core.files.storage.FileSystemStorage'</pre></td> </tr> <tr> <td>DEFAULT_FROM_EMAIL</td> <td class="code"><pre>'webmaster@localhost'</pre></td> </tr> <tr> <td>DEFAULT_INDEX_TABLESPACE</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>DEFAULT_TABLESPACE</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>DISALLOWED_USER_AGENTS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>EMAIL_BACKEND</td> <td class="code"><pre>'django.core.mail.backends.smtp.EmailBackend'</pre></td> </tr> <tr> <td>EMAIL_HOST</td> <td class="code"><pre>'localhost'</pre></td> </tr> <tr> <td>EMAIL_HOST_PASSWORD</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>EMAIL_HOST_USER</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>EMAIL_PORT</td> <td class="code"><pre>25</pre></td> </tr> <tr> <td>EMAIL_SSL_CERTFILE</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>EMAIL_SSL_KEYFILE</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>EMAIL_SUBJECT_PREFIX</td> <td class="code"><pre>'[Django] '</pre></td> </tr> <tr> <td>EMAIL_TIMEOUT</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>EMAIL_USE_LOCALTIME</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>EMAIL_USE_SSL</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>EMAIL_USE_TLS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>FILE_CHARSET</td> <td class="code"><pre>'utf-8'</pre></td> </tr> <tr> <td>FILE_UPLOAD_DIRECTORY_PERMISSIONS</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FILE_UPLOAD_HANDLERS</td> <td class="code"><pre>['django.core.files.uploadhandler.MemoryFileUploadHandler', 'django.core.files.uploadhandler.TemporaryFileUploadHandler']</pre></td> </tr> <tr> <td>FILE_UPLOAD_MAX_MEMORY_SIZE</td> <td class="code"><pre>2621440</pre></td> </tr> <tr> <td>FILE_UPLOAD_PERMISSIONS</td> <td class="code"><pre>420</pre></td> </tr> <tr> <td>FILE_UPLOAD_TEMP_DIR</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FIRST_DAY_OF_WEEK</td> <td class="code"><pre>0</pre></td> </tr> <tr> <td>FIXTURE_DIRS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>FORCE_SCRIPT_NAME</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FORMAT_MODULE_PATH</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FORM_RENDERER</td> <td class="code"><pre>'django.forms.renderers.DjangoTemplates'</pre></td> </tr> <tr> <td>IGNORABLE_404_URLS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>INSTALLED_APPS</td> <td class="code"><pre>['django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'app']</pre></td> </tr> <tr> <td>INTERNAL_IPS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>LANGUAGES</td> <td class="code"><pre>[('af', 'Afrikaans&#39;), ('ar', 'Arabic&#39;), ('ast', 'Asturian&#39;), ('az', 'Azerbaijani&#39;), ('bg', 'Bulgarian&#39;), ('be', 'Belarusian&#39;), ('bn', 'Bengali&#39;), ('br', 'Breton&#39;), ('bs', 'Bosnian&#39;), ('ca', 'Catalan&#39;), ('cs', 'Czech&#39;), ('cy', 'Welsh&#39;), ('da', 'Danish&#39;), ('de', 'German&#39;), ('dsb', 'Lower Sorbian&#39;), ('el', 'Greek&#39;), ('en', 'English&#39;), ('en-au', 'Australian English&#39;), ('en-gb', 'British English&#39;), ('eo', 'Esperanto&#39;), ('es', 'Spanish&#39;), ('es-ar', 'Argentinian Spanish&#39;), ('es-co', 'Colombian Spanish&#39;), ('es-mx', 'Mexican Spanish&#39;), ('es-ni', 'Nicaraguan Spanish&#39;), ('es-ve', 'Venezuelan Spanish&#39;), ('et', 'Estonian&#39;), ('eu', 'Basque&#39;), ('fa', 'Persian&#39;), ('fi', 'Finnish&#39;), ('fr', 'French&#39;), ('fy', 'Frisian&#39;), ('ga', 'Irish&#39;), ('gd', 'Scottish Gaelic&#39;), ('gl', 'Galician&#39;), ('he', 'Hebrew&#39;), ('hi', 'Hindi&#39;), ('hr', 'Croatian&#39;), ('hsb', 'Upper Sorbian&#39;), ('hu', 'Hungarian&#39;), ('hy', 'Armenian&#39;), ('ia', 'Interlingua&#39;), ('id', 'Indonesian&#39;), ('io', 'Ido&#39;), ('is', 'Icelandic&#39;), ('it', 'Italian&#39;), ('ja', 'Japanese&#39;), ('ka', 'Georgian&#39;), ('kab', 'Kabyle&#39;), ('kk', 'Kazakh&#39;), ('km', 'Khmer&#39;), ('kn', 'Kannada&#39;), ('ko', 'Korean&#39;), ('lb', 'Luxembourgish&#39;), ('lt', 'Lithuanian&#39;), ('lv', 'Latvian&#39;), ('mk', 'Macedonian&#39;), ('ml', 'Malayalam&#39;), ('mn', 'Mongolian&#39;), ('mr', 'Marathi&#39;), ('my', 'Burmese&#39;), ('nb', 'Norwegian Bokmål&#39;), ('ne', 'Nepali&#39;), ('nl', 'Dutch&#39;), ('nn', 'Norwegian Nynorsk&#39;), ('os', 'Ossetic&#39;), ('pa', 'Punjabi&#39;), ('pl', 'Polish&#39;), ('pt', 'Portuguese&#39;), ('pt-br', 'Brazilian Portuguese&#39;), ('ro', 'Romanian&#39;), ('ru', 'Russian&#39;), ('sk', 'Slovak&#39;), ('sl', 'Slovenian&#39;), ('sq', 'Albanian&#39;), ('sr', 'Serbian&#39;), ('sr-latn', 'Serbian Latin&#39;), ('sv', 'Swedish&#39;), ('sw', 'Swahili&#39;), ('ta', 'Tamil&#39;), ('te', 'Telugu&#39;), ('th', 'Thai&#39;), ('tr', 'Turkish&#39;), ('tt', 'Tatar&#39;), ('udm', 'Udmurt&#39;), ('uk', 'Ukrainian&#39;), ('ur', 'Urdu&#39;), ('uz', 'Uzbek&#39;), ('vi', 'Vietnamese&#39;), ('zh-hans', 'Simplified Chinese&#39;), ('zh-hant', 'Traditional Chinese&#39;)]</pre></td> </tr> <tr> <td>LANGUAGES_BIDI</td> <td class="code"><pre>['he', 'ar', 'fa', 'ur']</pre></td> </tr> <tr> <td>LANGUAGE_CODE</td> <td class="code"><pre>'en-us'</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_AGE</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_DOMAIN</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_HTTPONLY</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_NAME</td> <td class="code"><pre>'django_language'</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_PATH</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_SAMESITE</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_SECURE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>LOCALE_PATHS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>LOGGING</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>LOGGING_CONFIG</td> <td class="code"><pre>'logging.config.dictConfig'</pre></td> </tr> <tr> <td>LOGIN_REDIRECT_URL</td> <td class="code"><pre>'/accounts/profile/'</pre></td> </tr> <tr> <td>LOGIN_URL</td> <td class="code"><pre>'/accounts/login/'</pre></td> </tr> <tr> <td>LOGOUT_REDIRECT_URL</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>MANAGERS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>MEDIA_ROOT</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>MEDIA_URL</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>MESSAGE_STORAGE</td> <td class="code"><pre>'django.contrib.messages.storage.fallback.FallbackStorage'</pre></td> </tr> <tr> <td>MIDDLEWARE</td> <td class="code"><pre>['django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware']</pre></td> </tr> <tr> <td>MIGRATION_MODULES</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>MONTH_DAY_FORMAT</td> <td class="code"><pre>'F j'</pre></td> </tr> <tr> <td>NUMBER_GROUPING</td> <td class="code"><pre>0</pre></td> </tr> <tr> <td>PASSWORD_HASHERS</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>PASSWORD_RESET_TIMEOUT_DAYS</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>PREPEND_WWW</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>ROOT_URLCONF</td> <td class="code"><pre>'vuln.urls'</pre></td> </tr> <tr> <td>SECRET_KEY</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>SECURE_BROWSER_XSS_FILTER</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SECURE_CONTENT_TYPE_NOSNIFF</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>SECURE_HSTS_INCLUDE_SUBDOMAINS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SECURE_HSTS_PRELOAD</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SECURE_HSTS_SECONDS</td> <td class="code"><pre>0</pre></td> </tr> <tr> <td>SECURE_PROXY_SSL_HEADER</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SECURE_REDIRECT_EXEMPT</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>SECURE_REFERRER_POLICY</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SECURE_SSL_HOST</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SECURE_SSL_REDIRECT</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SERVER_EMAIL</td> <td class="code"><pre>'root@localhost'</pre></td> </tr> <tr> <td>SESSION_CACHE_ALIAS</td> <td class="code"><pre>'default'</pre></td> </tr> <tr> <td>SESSION_COOKIE_AGE</td> <td class="code"><pre>1209600</pre></td> </tr> <tr> <td>SESSION_COOKIE_DOMAIN</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SESSION_COOKIE_HTTPONLY</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>SESSION_COOKIE_NAME</td> <td class="code"><pre>'sessionid'</pre></td> </tr> <tr> <td>SESSION_COOKIE_PATH</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>SESSION_COOKIE_SAMESITE</td> <td class="code"><pre>'Lax'</pre></td> </tr> <tr> <td>SESSION_COOKIE_SECURE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SESSION_ENGINE</td> <td class="code"><pre>'django.contrib.sessions.backends.db'</pre></td> </tr> <tr> <td>SESSION_EXPIRE_AT_BROWSER_CLOSE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SESSION_FILE_PATH</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SESSION_SAVE_EVERY_REQUEST</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SESSION_SERIALIZER</td> <td class="code"><pre>'django.contrib.sessions.serializers.JSONSerializer'</pre></td> </tr> <tr> <td>SETTINGS_MODULE</td> <td class="code"><pre>'vuln.settings'</pre></td> </tr> <tr> <td>SHORT_DATETIME_FORMAT</td> <td class="code"><pre>'m/d/Y P'</pre></td> </tr> <tr> <td>SHORT_DATE_FORMAT</td> <td class="code"><pre>'m/d/Y'</pre></td> </tr> <tr> <td>SIGNING_BACKEND</td> <td class="code"><pre>'django.core.signing.TimestampSigner'</pre></td> </tr> <tr> <td>SILENCED_SYSTEM_CHECKS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>STATICFILES_DIRS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>STATICFILES_FINDERS</td> <td class="code"><pre>['django.contrib.staticfiles.finders.FileSystemFinder', 'django.contrib.staticfiles.finders.AppDirectoriesFinder']</pre></td> </tr> <tr> <td>STATICFILES_STORAGE</td> <td class="code"><pre>'django.contrib.staticfiles.storage.StaticFilesStorage'</pre></td> </tr> <tr> <td>STATIC_ROOT</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>STATIC_URL</td> <td class="code"><pre>'/static/'</pre></td> </tr> <tr> <td>TEMPLATES</td> <td class="code"><pre>[{'APP_DIRS': True, 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'OPTIONS': {'context_processors': ['django.template.context_processors.debug', 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages']}}]</pre></td> </tr> <tr> <td>TEST_NON_SERIALIZED_APPS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>TEST_RUNNER</td> <td class="code"><pre>'django.test.runner.DiscoverRunner'</pre></td> </tr> <tr> <td>THOUSAND_SEPARATOR</td> <td class="code"><pre>','</pre></td> </tr> <tr> <td>TIME_FORMAT</td> <td class="code"><pre>'P'</pre></td> </tr> <tr> <td>TIME_INPUT_FORMATS</td> <td class="code"><pre>['%H:%M:%S', '%H:%M:%S.%f', '%H:%M']</pre></td> </tr> <tr> <td>TIME_ZONE</td> <td class="code"><pre>'UTC'</pre></td> </tr> <tr> <td>USE_I18N</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>USE_L10N</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>USE_THOUSAND_SEPARATOR</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>USE_TZ</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>USE_X_FORWARDED_HOST</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>USE_X_FORWARDED_PORT</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>WSGI_APPLICATION</td> <td class="code"><pre>'vuln.wsgi.application'</pre></td> </tr> <tr> <td>X_FRAME_OPTIONS</td> <td class="code"><pre>'DENY'</pre></td> </tr> <tr> <td>YEAR_MONTH_FORMAT</td> <td class="code"><pre>'F Y'</pre></td> </tr> </tbody> </table> </div> <div id="explanation"> <p> You're seeing this error because you have <code>DEBUG = True</code> in your Django settings file. Change that to <code>False</code>, and Django will display a standard page generated by the handler for this status code. </p> </div> </body> </html>
最新发布
12-01
你已经成功访问了目标服务,但遇到了 Django 的安全机制拦截。以下是详细分析和下一步建议: --- ### ✅ 当前状态解读 你执行了如下命令: ```bash ...SELECT%20version();...返回的是一个 **Django Debug 页面**,...
FOR XML PATH('') 的简单使用
08-13 147
select Name + ',' from AFOR XML PATH('') 若Name不是varchar类型,先转 select CAST(NameAS varchar)+ ',' from AFOR XML PATH('') 去,号 select left(a,len(a)-1) from (select (select CAST(Nam...
关于for xml path的使用
qq_40085888的博客
07-02 692
有业务场景: 学生表s_student, 兴趣表s_hobby 表,其中s_student 一对多s_hobby . 需要我们在一张以s_hobby为主表的列表中,其中一个字段为该学生的所有兴趣. 下面上sql. 其中stuff 的作用是去掉前面的",".当然也可以在java代码中处理. cast的作用的转成String完成封装到对象, 因为for xml path出来的是blob格式.不转换会...
sqlserver利用XML进行纵向合并和横向合并(同时排序)
weixin_44112373的博客
10-23 727
-- 建表 CREATE TABLE #T ( a VARCHAR(10), b VARCHAR(10), c VARCHAR(10) ) INSERT INTO #T VALUES('1','2','3') INSERT INTO #T VALUES('6','5','4') INSERT INTO #T VALUES('7','8','0') -- 查看表 SELECT * FROM #T 1 2 3 6 5 4 7 8 0 -- 纵向合并 SELECT ''+a FROM #T FOR XM
使用for xml path 查询出来的字符串去重
qq_40085888的博客
12-14 1262
业务中需要查询出多行数据的某个字段,然后使用 "," 分隔作为一行数据中的某个值. for xml path 可以完成. 去掉最后一个分隔符可以使用sql的函数处理, 去重的话在java代码中实现较为直观和方便.  //1.去掉最后一个"," 2.去重 private String removeDuplicate(String str){ String[] strArr = ...
FOR XML PATH
晃蕩旳年華
07-30 3646
<br /> <br />/*<br /><br />FOR XML PATH<br />之前已经说了一些FOR XML (AUTO,RAW)的使用,下面说一说FOR XML PATH 模式的使用.<br />AUTO,RAW模式可以满足大多数的XML格式需求,PATH模式可以提供其他的一些格式功能.<br />*/<br /> <br />--1.控制层次<br />/*<br />使用PATH模式,你可以生成XML节点的层次结构.XML的层次是通过列的别名来控制的.<br />下面的查询中增加了一个新的
&#x开头的是什么编码呢。浏览器可以解释它。如中国等同与中文"中国"?...
weixin_34255793的博客
11-10 562
形如—— &amp;#dddd; &amp;#xhhhh; &amp;#name; ——的一串字符是 HTML、XML 等 SGML 类语言的转义序列(escape sequence)。它们不是「编码」。 以 HTML 为例,这三种转义序列都称作 character reference: 前两种是 numeric character reference(NCR),数...
Python2.6.6的ElementTree输出xml中汉字变成&#xxxx的问题
weixin_34221276的博客
05-22 700
Python2.6.6的ElementTree输出xml中汉字变成&#xxxx的问题: # coding: gbk import xml.etree.ElementTree as ET rootelem = ET.Element("SystemList") organization = ET.SubElement(rootelem, "Organization") ...
php xml特殊字符,php XML DOM将特殊字符转换为&#xYY;.
weixin_39568706的博客
03-11 205
我通过AJAX POST发送此邮件:574081 video: 'Mundo.Hoy': ¿Dónde habré olvidado... mi memoria?我这样做是为了创建XML:header('Content-type: text/html; charset=utf-8');if(isset($_POST) && isset($_POST['data'])){$data ...
xml中的特殊字符
老别
04-08 224
空格 (& #x0020;) Tab (& #x0009;) 回车 (& #x000D;) 换行 (& #x000A;) (& #)之间去空格
XML 转义字符
热门推荐
High_Mount的专栏
09-19 2万+
转义字符不合法的XML字符必须被替换为相应的实体。 如果在XML文档中使用类似"" 的字符, 那么解析器将会出现错误,因为解析器会认为这是一个新元素的开始。所以不应该象下面那样书写代码:if salary 为了避免出现这种情况,必须将字符"if salary < 1000 then下面是五个在XML文档中预定义好的实体:<
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值