MySql中的CASE表达式

[TOC]

起因

在做CTF的时候，发现一个时间盲注，一时间忘记怎么手工，不能忍，果断搜索了一波。

作用

1. 盲注
2. 绕过过滤逗号,的注入点

MySql中的CASE表达式

定义参考

1. 先附上官方参考：MySQL CASE 表达式参考

2. CASE表达式的两种写法

   CASE value WHEN [compare_value] THEN result [WHEN [compare_value] THEN result ...] [ELSE result] END
   CASE WHEN [condition] THEN result [WHEN [condition] THEN result ...] [ELSE result] END

举例

1. 第一种语法

    mysql> select case 1 when 1 then 'one' end;
    +------------------------------+
    | case 1 when 1 then 'one' end |
    +------------------------------+
    | one                          |
    +------------------------------+
    1 row in set (0.04 sec)
   
    mysql> select case 1 when 1=1 then sleep(5) end;
    +-----------------------------------+
    | case 1 when 1=1 then sleep(5) end |
    +-----------------------------------+
    |                                 0 |
    +-----------------------------------+
    1 row in set (5.00 sec)
    
    mysql> select case 1 when 1=2 then sleep(5) when 1=1 then sleep(2) end;
    +----------------------------------------------------------+
    | case 1 when 1=2 then sleep(5) when 1=1 then sleep(2) end |
    +----------------------------------------------------------+
    |                                                        0 |
    +----------------------------------------------------------+
    1 row in set (2.00 sec)

2. 第二种用法

   mysql> select case when 1=1 then sleep(2) else sleep(5) end;
   +-----------------------------------------------+
   | case when 1=1 then sleep(2) else sleep(5) end |
   +-----------------------------------------------+
   |                                             0 |
   +-----------------------------------------------+
   1 row in set (2.00 sec)
   
    mysql> select case when 1=2 then sleep(2) else sleep(5) end;

+———————————————–+
| case when 1=2 then sleep(2) else sleep(5) end |
+———————————————–+
| 0 |
+———————————————–+
1 row in set (5.00 sec)