sql常用语句
use myoa
select * from
delete from department where departmentid=1
insert Department(DepartmentId,DepartmentName) values(1,'技术部')
update Department set departmentname='信息技术部' where departmentid=1
--删除表
drop table department
--删除数据库
drop database bai
--统计数据库表中记录
select count(*) as 数据库记录 from Department
相关文档:
create PROCEDURE pagelist
@tablename nvarchar(50),
@fieldname nvarchar(50)='*',
@pagesize int output,--每页显示记录条数
@currentpage int output,--第几页
@orderid nvarchar(50),--主键排序
@sort int,--排序方式,1表示升序,0表示降序排列
......
SQL 注入攻击原理及防护
在确认可以注入的情况下,使用下面的语句:
HTTP://www.163.com/news.asp?id=xx ;and (select count(*) from sysobjects)>0
HTTP://www.163.com/news.asp?id=xx ;and (select count(*) from msysobjects)>0
如果数据库是SQLServer,那么第一个网址的页面与原页面HTTP://www.163.com/news.asp? ......
--日期转换参数,值得收藏
select CONVERT(varchar, getdate(), 120 )2004-09-12 11:06:08
select replace(replace(replace(CONVERT(varchar, getdate(), 120 ),'-',''),' ',''),':','')20040912110608
select CONVERT(varchar(12) , getdate(), 111 )2004/09/12
select CONVERT(varchar(12) , getdate(), 112 )20040912 ......
