select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database. If TYPE OF is used with a (VAR)CHAR type
select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database.
UNION ALL пример: SELECT 'foo' AS bar UNION ALL SELECT 'foo' AS bar ... Оба UNION и UNION ALL объединяют результат двух разных SQL.
action=999999.9)+%2f**%2fuNiOn%2f**%2faLl+%2f**%2fsElEcT+0x393133353134353632312e39
So, as it's being used a lot, I would submit my answer. In my opinion, the aim of these requests is to check the presence or absence of a sql injection. This is the part of the query that is trying to inject: 999999.9 UNION ALL SELECT "91351456272.9","91351456272.9"...
select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database. If TYPE OF is used with a (VAR)CHAR type, its character set and collation are retained.
Синтаксис: 0xHEX_ЧИСЛО (SM): SELECT CHAR(0x66) (S) SELECT 0x5045 (это не число, а строка) (M) SELECT 0x50
вместо char(64) используй varbinary(64) и все будет в норме.
Перевод отдельных слов, фраз, а также целых текстов и веб-страниц (английский, немецкий, французский, испанский, польский и др.).
...fetchitem=46'+and+999999.9)+UnIoN+AlL+SeLeCt+0x393133353134353632312e39