Blocked parameter patterns: script, "and" surrounded by spaces, "or" surrounded by spaces, union select, user()
Bypasses:
and / order by bypass: inline comments
union select bypass: union%23%0a%23%0aSeLecT/**/1,2,3
user() bypass: user%23%0a()
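Added example (not part of the original note): a defender-side check showing why a literal keyword filter misses the two encoded payloads above, and how decoding, removing MySQL comment syntax and collapsing whitespace before matching catches them. The rule regexes and all function names are assumptions for illustration.

```python
import re
from urllib.parse import unquote_plus

# Rule names mirror the note's blocked list; the regexes are assumptions.
RULES = {
    "script": re.compile(r"script"),
    "and": re.compile(r"\sand\s"),
    "or": re.compile(r"\sor\s"),
    "union select": re.compile(r"\bunion\s+select\b"),
    "user()": re.compile(r"\buser\s*\(\s*\)"),
}
NAIVE_LITERALS = ("script", " and ", " or ", "union select", "user()")

def decode(raw, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is also unwrapped."""
    value = raw
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def squash(value):
    """Collapse every whitespace run (including %0a newlines) and lowercase."""
    return re.sub(r"\s+", " ", value).strip().lower()

def strip_comments(value):
    """Remove MySQL comment syntax (no string-literal awareness)."""
    # /*! ... */ bodies are executed by MySQL, so keep the body.
    value = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", value, flags=re.S)
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)
    value = re.sub(r"#[^\n]*", " ", value)
    return re.sub(r"--(?=\s)[^\n]*", " ", value)

def naive_hits(raw):
    """Literal match after one decode: the filter style the note describes."""
    value = unquote_plus(raw).lower()
    return [lit for lit in NAIVE_LITERALS if lit in value]

def normalized_hits(raw):
    """Match on two views: comment-stripped, and unstripped in case the
    '#' or '--' sat inside a string literal and was not a real comment."""
    value = decode(raw)
    views = (squash(strip_comments(value)), squash(value))
    return sorted(n for n, rx in RULES.items() if any(rx.search(v) for v in views))

# The two encoded payloads quoted in the note.
PAGE_SAMPLES = ["union%23%0a%23%0aSeLecT/**/1,2,3", "user%23%0a()"]
```

Keyword matching of this kind is a detection layer only; the injection itself is closed by parameterized queries in the application.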