Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

ÔÚPHPÖÐÈ«Ãæ×èÖ¹SQL×¢Èëʽ¹¥»÷Ö®Èý

Ò»¡¢ ½¨Á¢Ò»¸ö°²È«³éÏó²ã
¡¡¡¡ÎÒÃDz¢²»½¨ÒéÄãÊÖ¹¤µØ°ÑÇ°Ãæ½éÉܵļ¼ÊõÓ¦ÓÃÓÚÿһ¸öÓû§ÊäÈëµÄʵÀýÖУ¬¶øÊÇÇ¿ÁÒÍƼöÄãΪ´Ë´´½¨Ò»¸ö³éÏó²ã¡£Ò»¸ö¼òµ¥µÄ³éÏóÊÇ°ÑÄãµÄУÑé·½°¸¼ÓÈëµ½Ò»¸öº¯ÊýÖУ¬²¢ÇÒÕë¶ÔÓû§ÊäÈëµÄÿһÏîµ÷ÓÃÕâ¸öº¯Êý¡£µ±È»£¬ÎÒÃÇ»¹¿ÉÒÔ´´½¨Ò»ÖÖ¸ü¸´Ôӵĸü¸ßÒ»¼¶µÄ³éÏó-°ÑÒ»¸ö°²È«µÄ²éѯ·â×°µ½Ò»¸öÀàÖУ¬´Ó¶øÓ¦ÓÃÓÚÕû¸öÓ¦ÓóÌÐò¡£ÔÚÍøÉÏÒѾ­´æÔÚÐí¶àÕâÖÖÏֳɵÄÃâ·ÑµÄÀࣻÔÚ±¾ÆªÖУ¬ÎÒÃÇÕýÒªÌÖÂÛÆäÖеÄһЩ¡£
¡¡¡¡½øÐÐÕâÖÖ³éÏóÖÁÉÙ´æÔÚÈý¸öÓŵ㣨¶øÇÒÿһ¸ö¶¼»á¸Ä½ø°²È«¼¶±ð£©£º
¡¡¡¡1. ±¾µØ»¯´úÂë¡£
¡¡¡¡2. ʹ²éѯµÄ¹¹Ôì¸ü¿ìÇÒ¸üΪ¿É¿¿-ÒòΪÕâ¿ÉÒ԰Ѳ¿·Ö¹¤×÷½»ÓɳéÏó´úÂëÀ´ÊµÏÖ¡£
¡¡¡¡3. µ±»ùÓÚ°²È«ÌØÕ÷½øÐй¹½¨²¢ÇÒÇ¡µ±Ê¹ÓÃʱ£¬Õ⽫»áÓÐЧµØ·ÀÖ¹ÎÒÃÇÇ°ÃæËùÌÖÂ۵ĸ÷ÖÖ¸÷ÑùµÄ×¢Èëʽ¹¥»÷¡£
¡¡¡¡¶þ¡¢ ¸Ä½øÏÖÓеÄÓ¦ÓóÌÐò
¡¡¡¡Èç¹ûÄãÏë¸Ä½øÒ»¸öÏÖÓеÄÓ¦ÓóÌÐò£¬ÔòʹÓÃÒ»¸ö¼òµ¥µÄ³éÏó²ãÊÇ×îÊʵ±µÄ¡£Ò»¸öÄܹ»¼òµ¥µØ"ÇåÀí"ÄãËùÊÕ¼¯µÄÈκÎÓû§ÊäÈëÄÚÈݵĺ¯Êý¿ÉÄÜ¿´ÆðÀ´ÈçÏÂËùʾ£º
function safe( $string ) {
¡¡return "'" . mysql_real_escape_string( $string ) . "'"
}
¡¡¡¡¡¾×¢Òâ¡¿ÎÒÃÇÒѾ­¹¹½¨ÁËÏàÓ¦ÓÚÖµÒªÇóµÄµ¥ÒýºÅÒÔ¼°mysql_real_escape_string()º¯Êý¡£½ÓÏÂÀ´£¬¾Í¿ÉÒÔʹÓÃÕâ¸öº¯ÊýÀ´¹¹ÔìÒ»¸ö$query±äÁ¿£¬ÈçÏÂËùʾ£º
$variety = safe( $_POST['variety'] );
$query = " SELECT * from wines WHERE variety=" . $variety;
¡¡¡¡ÏÖÔÚ£¬ÄãµÄÓû§ÊÔͼ½øÐÐÒ»¸ö×¢Èëʽ¹¥»÷-ͨ¹ýÊäÈëÏÂÁÐÄÚÈÝ×÷Ϊ±äÁ¿$varietyµÄÖµ£º
lagrein' or 1=1;
¡¡¡¡×¢Ò⣬Èç¹û²»½øÐÐÉÏÃæµÄ"ÇåÀí"£¬Ôò×îºóµÄ²éѯ½«ÈçÏÂËùʾ£¨Õ⽫µ¼ÖÂÎÞ·¨Ô¤ÁϵĽá¹û£©£º
SELECT * from wines WHERE variety = 'lagrein' or 1=1;'
¡¡¡¡È»¶øÏÖÔÚ£¬¼ÈÈ»Óû§µÄÊäÈëÒѾ­±»ÇåÀí£¬ÄÇô²éѯÓï¾ä¾Í³ÉΪÏÂÃæÕâÑùÒ»ÖÖÎÞΣº¦µÄÐÎʽ£º
SELECT * from wines WHERE variety = 'lagrein\' or 1=1\;'
¡¡¡¡¼ÈÈ»Êý¾Ý¿âÖв»´æÔÚÓëÖ¸¶¨µÄÖµÏàÓ¦µÄvarietyÓò(ÕâÕýÊǶñÒâÓû§ËùÊäÈëµÄÄÚÈÝ-lagrein' or 1=1;)£¬ÄÇô£¬Õâ¸ö²éѯ½«²»ÄÜ·µ»ØÈκνá¹û£¬²¢ÇÒ×¢È뽫»áʧ°Ü¡£
Èý¡¢ ±£»¤Ò»¸öеÄÓ¦ÓóÌÐò
¡¡¡¡Èç¹ûÄãÕýÔÚ´´½¨Ò»¸öеÄÓ¦ÓóÌÐò£¬ÄÇô£¬Äã¿ÉÒÔ´ÓÍ·¿ªÊ¼´´½¨Ò»¸ö°²È«³éÏó²ã¡£Èç½ñ£¬PHP 5иĽøµÄ¶ÔÓÚMySQLµÄÖ§³Ö£¨ÕâÖ÷ÒªÌåÏÖÔÚеÄmysqliÀ©Õ¹ÖУ©ÎªÕâÖÖ°²È«ÌØÕ÷ÌṩÁËÇ¿ÓÐÁ¦µÄÖ§³Ö£¨¼ÈÓйý³ÌÐԵģ¬Ò²ÓÐÃæÏò¶ÔÏóÌØÕ÷µÄ£©¡£Äã¿ÉÒÔ´ÓÕ¾µãhttp://php.net/mysqliÉÏ»ñÈ¡ÓйØmysqliµÄÐÅÏ¢¡£×¢Ò⣬ֻÓе


Ïà¹ØÎĵµ£º

¡¾×ª¡¿´´ÔìÊÀ½çÉÏ×î¼òµ¥µÄ PHP ¿ª·¢Ä£Ê½

 ¡¡¡¡php ×÷Ϊ“×î¼òµ¥”µÄ Web ½Å±¾ÓïÑÔ, ÔÚ¹úÄÚµÄÊг¡Ô½À´Ô½´ó£¬phper Ô½À´Ô½¶à£¬µ«ÊǸоõ´ó¶àÊýÈ˺ÃÏñûÓп¼Âǵ½Ä£Ê½ÎÊÌ⣬ʲôÑùµÄÉè¼Æģʽ²ÅÊÇ×îÓŵģ¬²ÅÊÇ×îÊʺÏ×Ô¼ºÄ¿Ç°¹¤×÷µÄ£¬±Ï¾¹Ð§ÂÊÊÇ×îÖØÒªµÄ£¨ÓÃʡϵÄʱ¼ä´òÓÎÏ·£¬¶àÃÀ°¡...£©¡£MVC Ó¦¸ÃÊÇÊ×Ñ¡£¬www.sourceforge.net ÉÏÓкöàÓÅÐãµÄ»ùÓÚ MVC µ ......

ÎÒµÄphpÑéÖ¤ÂëÀà


<?php
/*
 * Created on 2010-3-11
 * author:zhangfei
 *ÎÒµÄÑéÖ¤ÂëÀà
 */
 session_start();
 class Check_Class{
  public $h_img ;
public $c_back ;
public $c_front ;
//¹¹Ô캯Êý
function Check_Class(){
$h_img  =  imagecreate(100,30);
......

SQL*Plus FAQ

 What is SQL*Plus and where does it come from?
SQL*Plus is a command line SQL and PL/SQL language interface and reporting tool that ships with the Oracle Database Client and Server software. It can be used interactively or driven from scripts. SQL*Plus is frequently used by DBAs and Developers ......

ÔÚPHPÖÐÈ«Ãæ×èÖ¹SQL×¢Èëʽ¹¥»÷Ö®¶þ

Ò»¡¢ ×¢Èëʽ¹¥»÷µÄÀàÐÍ
¡¡¡¡¿ÉÄÜ´æÔÚÐí¶à²»Í¬ÀàÐ͵Ĺ¥»÷¶¯»ú£¬µ«ÊÇÕ§¿´ÉÏÈ¥£¬Ëƺõ´æÔÚ¸ü¶àµÄÀàÐÍ¡£ÕâÊǷdz£ÕæʵµÄ-Èç¹û¶ñÒâÓû§·¢ÏÖÁËÒ»¸öÄܹ»Ö´Ðжà¸ö²éѯµÄ°ì·¨µÄ»°¡£±¾ÎĺóÃ棬ÎÒÃÇ»á¶Ô´Ë×÷ÏêϸÌÖÂÛ¡£
¡¡¡¡Èç¹ûÄãµÄ½Å±¾ÕýÔÚÖ´ÐÐÒ»¸öSELECTÖ¸ÁÄÇô£¬¹¥»÷Õß¿ÉÒÔÇ¿ÆÈÏÔʾһ¸ö±í¸ñÖеÄÿһÐмǼ-ͨ¹ý°ÑÒ»¸öÀýÈç"1=1"Õâ ......

SQL Server bcp

D:\projects\openi\misc\xxxx_data_20090828>bcp [xxxxolap].[dbo].[wdb_cxbz]  in wdb_xxx.txt      -c -T
SQLState = 37000, NativeError = 4060
Error = [Microsoft][SQL Server Native Client 10.0][SQL Server]Cannot open database "xxxolap" requested by the login. The login failed.
S ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ