ASP.NET·ÀÖ¹SQL×¢È뺯Êý
ASP.NET·ÀÖ¹SQL×¢È뺯Êý:
using System;
using System.Text.RegularExpressions;
using System.Web;
namespace FSqlKeyWord
......{
/**//**//**//// <summary>
/// SqlKey µÄժҪ˵Ã÷¡£
/// </summary>
public class SqlKey
......{
private HttpRequest request;
private const string StrKeyWord = @"select|insert|delete|from|count(|drop table|update|truncate|asc(|mid(|char(|xp_cmdshell|exec master|netlocalgroup administrators|:|net user|""|or|and";
private const string StrRegex = @"[-|;|,|/|(|)|[|]|}|{|%|@|*|!|']";
public SqlKey(System.Web.HttpRequest _request)
......{
//
// TODO: ÔÚ´Ë´¦Ìí¼Ó¹¹Ô캯ÊýÂß¼
//
this.request = _request;
}
/**//**//**//// <summary>
/// Ö»¶ÁÊôÐÔ SQL¹Ø¼ü×Ö
/// </summary>
public static string KeyWord
......{
get
......{
return StrKeyWord;
}
}
&nbs
Ïà¹ØÎĵµ£º
ÊìϤSQL SERVER 2000µÄÊý¾Ý¿â¹ÜÀíÔ±¶¼ÖªµÀ£¬ÆäDTS¿ÉÒÔ½øÐÐÊý¾ÝµÄµ¼Èëµ¼³ö£¬Æäʵ£¬ÎÒÃÇÒ²¿ÉÒÔʹÓÃTransact-SQLÓï¾ä½øÐе¼Èëµ¼³ö²Ù×÷¡£ÔÚTransact-SQLÓï¾äÖУ¬ÎÒÃÇÖ÷ҪʹÓÃOpenDataSourceº¯Êý¡¢OPENROWSET º¯Êý£¬¹ØÓÚº¯ÊýµÄÏêϸ˵Ã÷£¬Çë²Î¿¼SQLÁª»ú°ïÖú¡£ÀûÓÃÏÂÊö·½·¨£¬¿ÉÒÔÊ®·ÖÈÝÒ×µØʵÏÖSQL SERVER¡¢ACCESS¡¢EXCELÊý¾Ýת»»£ ......
1.´ò¿ªSQL server enterprise mananger “ÆóÒµ¹ÜÀíÆ÷”
ÔÚÄãÒªµ¼³öµÄSQLÊý¾Ý¿âÉÏÊó±êÓÒ¼ü²Ëµ¥£ºËùÓÐÈÎÎñ-¡·µ¼³öÊý¾Ý
2.»Ø³öÏÖÒ»¸öµ¼³öÏòµ¼´°¿Ú¡£
Ñ¡Ôñ±»µ¼³öµÄÊý¾ÝÔ´£¬ÎªÄã¸Õ²ÅËùÑ¡ÔñµÄÊý¾Ý¿â£¬Èç¹û·¢ÏÖ²»¶ÔÓ¦×ÔÐÐÐ޸ġ£
3.½øÈëµ¼³öµ½Ä¿±êÊý¾ÝÔ´µÄÑ¡Ôñ£¬ÕâÀïÎÒÃÇҪת³ÉACCESSµÄÊý¾Ý¿â¡£×¢ÒâÑ¡ÔñÊý¾ÝÔ´ÀàÐÍÎ ......
//private string datapatch = ConfigurationSettings.AppSettings["acessconn"];//Êý¾Ý¿âµØÖ·
private string datapatch = "db/global.asa";//Êý¾Ý¿âµØÖ·
///
/// È¡µÃdataset
//
/// ²éѯÓï¾ä
///
public DataSet GetDataSet(string Commandtext)
{&nbs ......
SQL Server 2005 Êý¾ÝÀàÐÍ
´´½¨Êý¾Ý¿â±íʱ£¬±ØÐëΪ±íÖеÄÿÁзÖÅäÒ»ÖÖÊý¾ÝÀàÐÍ¡£
1. ×Ö·û´®ÀàÐÍ
×Ö·û´®ÀàÐÍ°üÀ¨varchar,char,nvarchar,nchar,textºÍntext.ÕâЩÊý¾ÝÀàÐÍÓÃÓÚ´æ´¢×Ö·ûÊý¾Ý¡£VarcharºÍcharÀàÐÍÖ®¼äµÄ²î±ðÊÇÊý¾ÝÌî³ä¡£Èç¹ûÒª½ÚÊ¡¿Õ¼ä£¬ÎªÊ²Ã´ÓÐʱºò»¹Ê¹ÓÃcharÊý¾ÝÀàÐÍÄØ ......
