Ϊʲôsql ÀïÒªÇóstring×Ö¶ÎÓõ¥ÒýºÅÒýÆðÀ´
select * from student where name=?;
Èç¹û²»Óõ¥ÒýºÅÒýÆðÀ´£¬ pstmt.setString(1,"xx or 1=1");¼´sqlÓ¦¸Ã¾ÍÊÇselect * from student where name=xx or 1=1¾Í¿ÉÒÔÈ«²¿²é³ö¡£
Ç¿ÖƵ¥ÒýºÅÒýÆðÀ´£¬select * from student where name='xx or 1=1'¡£¾ÍÎÞЧÁË¡£
ÊýÖµÐ͵ÄûÓÐÒªÇóÓõ¥ÒýºÅÒýÆðÀ´£¬Ó¦¸ÃÊÇÓÉÓÚÓÐÒ»¸öת»»¹ý³Ì°É¡£
select * from student where id=?;
pstmt.setString(1,"xx or 1=1")ת»»Ê§°Ü¡£pstmt.setInt(1,¾ÍÕâû·¨Ð´ÁË)£»
Ïà¹ØÎĵµ£º
1.´ò¿ªSQL server enterprise mananger “ÆóÒµ¹ÜÀíÆ÷”
ÔÚÄãÒªµ¼³öµÄSQLÊý¾Ý¿âÉÏÊó±êÓÒ¼ü²Ëµ¥£ºËùÓÐÈÎÎñ-¡·µ¼³öÊý¾Ý
2.»Ø³öÏÖÒ»¸öµ¼³öÏòµ¼´°¿Ú¡£
Ñ¡Ôñ±»µ¼³öµÄÊý¾ÝÔ´£¬ÎªÄã¸Õ²ÅËùÑ¡ÔñµÄÊý¾Ý¿â£¬Èç¹û·¢ÏÖ²»¶ÔÓ¦×ÔÐÐÐ޸ġ£
3.½øÈëµ¼³öµ½Ä¿±êÊý¾ÝÔ´µÄÑ¡Ôñ£¬ÕâÀïÎÒÃÇҪת³ÉACCESSµÄÊý¾Ý¿â¡£×¢ÒâÑ¡ÔñÊý¾ÝÔ´ÀàÐÍÎ ......
ʵ¼ÊÓ¦ÓÃÖУ¬ÎÒÃǾ³£ÐèÒª°ÑExcelÖеÄÊý¾Ýµ¼ÈëMS SQL Server »òMySQL OracleµÈÊý¾Ý¿âÖС£ÕâЩÊý¾Ý¿â¶¼ÌṩÁ˺ܺõŤ¾ß¹©Óû§Ö±½Ó½«ExcelÖеÄÊý¾Ýµ¼ÈëÊý¾Ý¿âÖС£µ«ÊǺܶàʱºòÎÒÃDz¢²»ÄÜÖ±½Ó²Ù×÷Êý¾Ý¿â¹ÜÀíÆ÷£¨ÒòΪ°²È«ÐèÒª»áÅäÖ÷À»ðǽÀ¹½ØÊý¾Ý¿â¶Ë¿Ú£©£¬ÎÒÃÇÖ»ÄÜͨ¹ýwebÒ³Ãæ¶ÔÊý¾Ý¿â½øÐÐÔ¶³Ì²Ù×÷¡£Õâ¸öʱºò£¬½«ExcelÖеÄÊý ......
Êý¾Ý¿â±íµÄ¼Ç¼Èç¹ûÌ«¶à£¬±ÈÈç´ïµ½ÁË20ÍòÒÔÉÏ£¬ÔÚbosÖÐÒ»´ÎÐÔ²é¼Ç¼×ö´¦Àí¿ÉÄÜ»á³öÏÖoutofmemoryµÄ´íÎó£¬ÎÒÃÇÖ»ÄܲÉÈ¡·Ö¶ÎÈ¡¼Ç¼À´´¦Àí£¬¾ßÌåʾÀýÈçÏ£º
/*dialect*/
With Cust AS
( SELECT fnumber,
ROW_NUMBER() OVER (order by fnumber) as RowNumber ......
ÓÃÏÂÃæµÄÊÓͼ£º
SQL> desc user_col_comments;
Name Null? Type
------------------------------- -------- ----
TABLE_NAME &nbs ......
×÷Õß: ÈýÊ®¶øÁ¢Ê±¼ä£º2009Äê10ÔÂ15ÈÕ 19:21:13±¾Îijö×Ô ¡°inthirties£¨ÈýÊ®¶øÁ¢£©¡±²©¿Í£¬×ªÔØÇëÎñ±Ø×¢Ã÷×÷Õߺͱ£Áô³ö´¦http://blog.csdn.net/inthirties/archive/2009/10/15/4673331.aspx ѧϰÊÇ¿ÝÔïµÄ£¬ËùÒÔ×÷Ϊһ¸öѧϰÕߣ¬ÒªÑ§»áÔÚѧϰÖÐÕÒµ½¿ìÀÖ£¬ÕâÑù²ÅÄܼ¤·¢ÐËȤ£¬ÐËȤÊÇ×îºÃµÄÀÏʦ£¬ÕâÑù£¬Ñ§Ï°¾ÍÂýÂýµÄ±ä³ÉÁËÒ»¼þ ......
