ASP.NET·ÀÖ¹SQL×¢È뺯Êý:
using System;
using System.Text.RegularExpressions;
using System.Web;
namespace FSqlKeyWord
......{
/**//**//**//// <summary>
/// SqlKey µÄժҪ˵Ã÷¡£
/// </summary>
public class SqlKey
......{
private HttpRequest request;
private const string StrKeyWord = @"select|insert|delete|from|count(|drop table|update|truncate|asc(|mid(|char(|xp_cmdshell|exec master|netlocalgroup administrators|:|net user|""|or|and";
private const string StrRegex = @"[-|;|,|/|(|)|[|]|}|{|%|@|*|!|']";
public SqlKey(System.Web.HttpRequest _request)
......{
//
// TODO: ÔÚ´Ë´¦Ìí¼Ó¹¹Ô캯ÊýÂß¼
//
this.request = _request;
}
/**//**//**//// <summary>
/// Ö»¶ÁÊôÐÔ SQL¹Ø¼ü×Ö
/// </summary>
public static string KeyWord
......{
get
......{
return StrKeyWord;
}
}
&nbs
ÊìϤSQL SERVER 2000µÄÊý¾Ý¿â¹ÜÀíÔ±¶¼ÖªµÀ£¬ÆäDTS¿ÉÒÔ½øÐÐÊý¾ÝµÄµ¼Èëµ¼³ö£¬Æäʵ£¬ÎÒÃÇÒ²¿ÉÒÔʹÓÃTransact-SQLÓï¾ä½øÐе¼Èëµ¼³ö²Ù×÷¡£ÔÚTransact-SQLÓï¾äÖУ¬ÎÒÃÇÖ÷ҪʹÓÃOpenDataSourceº¯Êý¡¢OPENROWSET º¯Êý£¬¹ØÓÚº¯ÊýµÄÏêϸ˵Ã÷£¬Çë²Î¿¼SQLÁª»ú°ïÖú¡£ÀûÓÃÏÂÊö·½·¨£¬¿ÉÒÔÊ®·ÖÈÝÒ×µØʵÏÖSQL SERVER¡¢ACCESS¡¢EXCELÊý¾Ýת»»£ ......
ĸ°æÒ³Ãæ
-- н¨Ò»Ä¸°æÒ³Ãæ
-- ÔÚÊʵ±Î»ÖüÓÈë´úÂ룺
<asp:ContentPlaceHolder ID="ContentPlaceHolder3" runat="server">
...ÕâÖ®¼äµÄÄÚÈÝÈç¹ûûÓÐContentÄÚÈÝ£¬½«»áµÃµ½ÏÔʾ£»
...Èç¹ûÓÐContentÄÚÈÝ£¬½«»á±»ContentÄÚÈÝÌæ»»µô
</asp:ContentPlaceHolder>
ContentÒ³Ãæ
-- н¨Ò»WEB´°Ìå
-- ÔÚÊʵ± ......
