SQL Server TEXTÀàÐÍ×Ö¶Î×Ö·û´®Ì滻ʾÀý´¦Àí½Å±¾
/*--text×ֶεÄÌæ»»´¦Àí
--*/
--´´½¨Êý¾Ý²âÊÔ»·¾³
--create table #tb(aa text)
declare @s_str varchar(8000),@d_str varchar(8000), --¶¨ÒåÌæ»»µÄ×Ö·û´®
@p varbinary(16),@postion int,@rplen int,@i_Start int, @i_End int
select identity(int,1,1) as [id],newsid into # from news
select @i_Start=min([id]),@i_End=max([id]) from #
while (@i_Start<=@i_End)
begin
--insert into #tb(aa) select content from # where [id]=@i_Start
select @s_str='\' --ÒªÌæ»»µÄ×Ö·û´®
,@d_str='!' --Ìæ»»³ÉµÄ×Ö·û´®
--×Ö·û´®Ìæ»»´¦Àí
select @p=textptr(content),@rplen=len(@s_str),@postion=charindex(@s_str,content)-1 from news where newsid in (select top 1 newsid from # where [id]=@i_Start)
while @postion>0
begin
updatetext news.content @p @postion @rplen @d_str
select @postion=charindex(@s_str,content)-1 from news where newsid in (select top 1 newsid from # where [id]=@i_Start)
end
--truncate table #tb
select @i_Start=@i_Start+1
end
--ɾ³ýÊý¾Ý²âÊÔ»·¾³
--drop table #tb
drop table #
Ïà¹ØÎĵµ£º
ÔÚSQL ServerÖгöÓÚÊý¾Ý°²È«µÄ¿¼ÂÇ£¬ËùÒÔÐèÒª¶¨Æڵı¸·ÝÊý¾Ý¿â¡£¶ø±¸·ÝÊý¾Ý¿âÒ»°ãÓÖÊÇÔÚÁ賿ʱ¼ä»ù±¾Ã»ÓÐÊý¾Ý¿â²Ù×÷µÄʱºò½øÐУ¬ËùÒÔÎÒÃDz»¿ÉÄÜÒªÇó¹ÜÀíԱÿÌìÊص½ÍíÉÏ1µãÈ¥±¸·ÝÊý¾Ý¿â¡£ÒªÊµÏÖÊý¾Ý¿âµÄ¶¨Ê±×Ô¶¯±¸·Ý£¬×î³£Óõķ½Ê½¾ÍÊÇʹÓÃSQL Server´úÀíÖеÄ×÷Òµ¡£Æô¶¯SQL Server Agent·þÎñ£¬È»ºóÔÚÆäÖÐн¨×÷Òµ£¬×÷ÒµÖÐÌí¼ ......
´æ´¢½ø³Ì¾ÍÊÇ×÷Ϊ¿ÉÖ´ÐжÔÏó´æ·ÅÔÚÊý¾Ý¿âÖеÄÒ»¸ö»ò¶à¸öSQLÃüÁî¡£
¶¨Òå×ÜÊǺܳéÏó¡£´æ´¢½ø³ÌÆäʵ¾ÍÊÇÄÜÍê³ÉÒ»¶¨²Ù×÷µÄÒ»×éSQLÓï¾ä£¬Ö»²»¹ýÕâ×éÓï¾äÊÇ·ÅÔÚÊý¾Ý¿âÖеÄ(ÕâÀïÎÒÃÇ̸ֻSQL SERVER)¡£Èç¹ûÎÒÃÇͨ¹ý´´½¨´æ´¢½ø³ÌÒÔ¼°ÔÚASPÖе÷Óô洢½ø³Ì£¬¾Í¿ÉÒÔ±ÜÃ⽫SQLÓï¾äͬASP´úÂë»ìÔÓÔÚÒ ......
sqlÔڶ෽ÃþË÷ºÍÅóÓѵİïÖúÏ£¬ÖÕÓÚ¿ÉÒÔÁ¬½Ó³É¹¦£¬Õâ¶ÔÎÒÀ´ËµÊǸöÀï³Ì±®À´µÄ£¬ÔÚ¹¤×÷µÄ¹ý³ÌÖÐÎÒ×ÜÊÇûÓлú»á¿ÉÒÔÅö´¥µ½SQL£¬µ±ÎÒ¹ÄÆðÓÂÆøÓÂÆøÏëѧϰµÄʱºòÎÒÁ¬ÔõôÓö¼²»»á£¬½øÀ´ÖÕÓÚÁ´½Ó³É¹¦£¬¿ªÐĵغÍÅóÓÑ·ÖÏíÎҵijɹû¡£
1.°²×°sql£¬Ñ§Ï°SQl£¬ÒòΪһ°ãÎÒÊÇÏëÒªÓÃÓÚVS2005ÏîÄ¿µÄ£¬ËùÒÔÒ»°ã×îºó¾ÍÏÈ°²×°VSÈí¼þ£¬ÒÔ±ã ......
¹ØÓÚSQL×¢Èë(SQL Injection)µÄ·½·¨Æäʵ¶¼ºÜÆÕ±éºÍʹÓ㬹éÄÉÆðÀ´Ò²ºÜ·½±ã¡£Ò»°ã“ºÚ¿Í”ʹÓõÄÊÇÏֳɵŤ¾ßÈç“WEBÅÔ×¢¡¢°¢DÍøÂ繤¾ß°ü¡¢½ÌÖ÷XXX”µÈÕâЩ¶¼ÊǼ¯³ÉÁË
һЩ³£ÓõÄsql×¢ÈëÓï¾ä¡£ÏÂÃæÎÒ½«½éÉÜÈçºÎʹÓÃÊÖ¹¤×¢ÈëMYSQL,MSSQLÊý¾Ý¿â.
Ò»°ã©¶´²ú ......
