Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

Èç¹û´æ´¢¹ý³ÌÊÇÆ´µÄSQL£¬ÄÇôҪ·ÀÖ¹×¢È룬Ôõô°ì£¿

ÊDz»ÊÇÖ»ÄÜÔÚÖ´Ðд洢¹ý³Ì֮ǰÌæ»»µôÃô¸Ð×Ö·ûÁË£¿
Ó¦¸ÃÊǵģ¬¿ÉÒÔÓÃÕýÔòÈ¥Ìæ»»
ÒýÓÃ
Ó¦¸ÃÊǵģ¬¿ÉÒÔÓÃÕýÔòÈ¥Ìæ»»


µÃ´ç½ø³ßµÄÎÊÏ£¬³ýÁËÌæ»»µ¥ÒýºÅ£¬»¹ÐèÒªÌæ»»ÄÄЩÄØ£¿Ð»Ð»~
C# code:

ÎÒ×Ô¼ºÒ»Ö±ÊÇÕâôдµÄ£¬Ï£Íû¶ÔÄãÓÐÆô·¢
#region ¹ýÂË×Ö·û
/// <summary>
/// ¾ßÌåÇé¿öÀ´¶¨Òª¹ýÂ˵Ä×Ö·û
/// </summary>
/// <param name="param">Òª¹ýÂ˵Ä×Ö·û</param>
public static string CheckSaftParam(string param)
{

param = param.Replace("net user", "");
param = param.Replace("xp_cmdshell", "");
param = param.Replace("/add", "");
param = param.Replace("exec%20master.dbo.xp_cmdshell", "");
param = param.Replace("net localgroup administrators", "");
param = param.Replace("select", "");
param = param.Replace("'", "''");
param = param.Replace("insert", "");
param = param.Replace("delete", "");
param = param.Replace("drop", "");
param = param.Replace("truncate", "");


Ïà¹ØÎÊ´ð£º

ÇóSQL£¿

´ó¼ÒºÃ£¬ÇëÎÊÔÚ±íMÖÐÓÐ×ֶΣºa b c d e 
ÎÒÏë²é³öÆäÖÐÂú×ãÏÂÃæÈÎÒâÒ»ÏîµÄÊý¾Ý£¬1.×Ö¶Îa µÄÖµ²»ÊÇ ¡®Êé»ò±Ê»ò±¾¡¯ÖÐÈÎÒ»£¬2.aΪÊéµÄʱºò×Ö¶Îb,cÊÇ¿Õ;3.µ±aֵΪ±ÊµÄʱºòdÊÇ¿Õ;4.µ±aΪ±¾µÄʱºòb,d,e¶¼ÊÇ¿Õ;5.È ......

Çó Æ´VB SQL insert into ×Ö·û´®

  INSERT INTO StudAchieve(studID,studName)
  VALUES('2','abc'),('2','bcd'),('2','cde')

  Æ´ÁË°ëÌìÒ²²»¶Ô£¬¼°°¡ ¡£¡£¡£¡£
SQL c ......

ÓÐÈËÓùýsql server2005 ´´½¨·¢²¼Âð£¿

¾ÍÊÇÕ¹¿ªreplication ÓÒ¼üµ¥»÷ local Subscription ´´½¨·¢²¼£¬ ÓÐÈËÓùýÂ𣬳ɹ¦´´½¨·¢²¼µÄÓÐÂð£¿
Óùý£¬¿ÉÒԳɹ¦

ÒýÓÃ
Óùý£¬¿ÉÒԳɹ¦

Ã×ÓùýµÄ°ï¶¥

ÒýÓÃ
Óùý£¬¿ÉÒԳɹ¦

µÚÒ»²½ÎҾ͹ý² ......

ÇóSQLÓï¾ä¿ØÖÆÒ»ÁеÄÖµ

ÄÄλ¸ßÊÖÌṩһ¸öSQlÓï¾ä£¬¿ØÖƱíÖÐÖ¸¶¨ÁеÄÖµ±ØÐëÊÇÕýÊý£¿
ÔÚ³ÌÐòÀïÃæÅжϲ»ºÃÂ𣿣¿

Äã¿ÉÒÔÔÚ½¨±íµÄʱºòÓÃcheckÔ¼Êø±íÖеĸÃ×Ö¶Îѽ£¡
È磺
create table tab_name£¨
name varchar2(20),
age numbe ......

sql server ´æ´¢¹ý³ÌÑ­»·¸³ÖµµÄÎÊÌâ

СµÜÊǸöÐÂÊÖ ÏÖÔÚÓиöÎÊÌâÒ»Ö±²»Äܽâ¾ö
ÀýÈç
procedure produce_proc
    @p001 nvarchar(8000),
    @p002 nvarchar(8000),
    @p003 nvarchar(8000),
  & ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ