易截截图软件、单文件、免安装、纯绿色、仅160KB

SQL SERVER 2005 页面文件头部结构

       Next up in the Inside the Storage Engine series is a discussion of page structure. Pages exist to store records. A database page is an 8192-byte (8KB) chunk of a database data file. They are aligned on 8KB boundaries within the data files, starting at byte-offset 0 in the file.
Here's a picture of the basic structure
Header
The page header is 96 bytes long. What I'd like to do in this section is take an example page header dump from DBCC PAGE and explain what all the fields mean. I'm using the database from the page split post and I've snipped off the rest of the DBCC PAGE output.
DBCC
TRACEON (3604)DBCC
PAGE ('pagesplittest', 1, 143, 1);GO
m_pageId = (1:143)                   m_headerVersion = 1                  m_type = 1
m_typeFlagBits = 0x4                 m_level = 0                          m_flagBits = 0x200
m_objId (AllocUnitId.idObj) = 68     m_indexId (AllocUnitId.idInd) = 256 
Metadata: AllocUnitId = 72057594042384384                                
Metadata: PartitionId = 72057594038386688                                 Metadata: IndexId = 1
Metadata: ObjectId = 2073058421      m_prevPage = (0:0)           &


相关文档:

动态SQL

Sample1:
/* Variable Declaration */
DECLARE @EmpID AS SMALLINT
DECLARE @SQLQuery AS NVARCHAR(500)
/* Build and Execute a Transact-SQL String with a single parameter value Using EXECUTE Command */
SET @EmpID = 1001
SET @SQLQuery = 'SELECT * from tblEmployees WHERE EmployeeID = ' + CAST(@EmpID A ......

尽量不要拼凑Sql语句,用参数来防注入

    如果是类似"select   *   from   user   where   uid="+uid +"  and   pwd="+pwd 很容易出问题
    使用   SQLParamenter      
    把你的SQL语句写成   类似存储过程   ......

一个SQL面试题

 题目要求
阿里baba的面试题
有三个表
    学生表  S 
          SID  SNAME
  教师课表 T 
          TID  TNAME  TCL
  成绩表  SC &n ......

sql server查询数据库中包含指定字符串的数据表

 发布一个实用小工具,可以很方便的在数据库中找到包含指定字符串的数据表名及相应记录:
/*
功能:查询数据库中包含指定字符串的数据表名及相应记录
作者:陈加鹏 chjpeng#163.com
日期:2009-08-17
*/
declare @key varchar(30)
set @key = 'test'    --替换为要查找的字符串
DECLARE @ ......

整理比较全的Access SQL注入参考

 Access SQL注入参考
版本 0.2.1
(最近更新 10/10/2007)
原作者不详
 
描述 SQL查询及注释
注释符 Access中没有专门的注释符号.因此"/*", "--"和"#"都没法使用.但是可以使用空字符"NULL"(%00)代替:
' UNION SELECT 1,1,1 from validTableName%00
 
语法错误信息 "[Microsoft][Driver ODBC Micros ......
© 2009 ej38.com All Rights Reserved. 关于E健网联系我们 | 站点地图 | 赣ICP备09004571号