SQLÖаѲéѯ³öÀ´µÄ½á¹ûÓöººÅÁ¬½ÓÆðÀ´
SELECT A,B=stuff((select ' ' + '×Ö¶ÎC£º' + C + ',×Ö¶ÎD£º' + D) + ';' from tbl WHERE (key= 'Ìõ¼þ') for xml path('')) , 1 , 1 ,'')
from tbl
WHERE (key= 'Ìõ¼þ')
group by key
ÀýÈ磺һ¸ö±íÖÐkeyΪAAµÄ¼Ç¼ÓÐ2Ìõ£¬µÚÒ»ÌõÖÐ×Ö¶ÎCµÄֵΪCC£¬×Ö¶ÎDµÄֵΪDD£¬µÚ¶þÌõÖÐ×Ö¶ÎCµÄֵΪCCC£¬×Ö¶ÎDµÄֵΪDDD£¬ÄÇôִÐиÄÓï¾äºóµÄ½á¹ûΪ£ºA=AA,B=CC,DD;CCC,DDD
Ïà¹ØÎĵµ£º
ϵͳ»·¾³£ºWindows 7
Èí¼þ»·¾³£ºVisual C++ 2008 SP1 +SQL Server 2005
±¾´ÎÄ¿µÄ£º±àдһ¸öº½¿Õ¹ÜÀíϵͳ
ÕâÊÇÊý¾Ý¿â¿Î³ÌÉè¼ÆµÄ³É¹û£¬ËäÈ»³É¼¨²»¼Ñ£¬µ«ÊÇ×÷ΪÎÒÓÃVC++ ÒÔÀ´±àдµÄ×î´ó³ÌÐò»¹ÊÇ´«µ½ÍøÉÏ£¬ÒÔ¹©²Î¿¼¡£ÓÃVC++ ×öÊý¾Ý¿âÉè¼Æ²¢²»ÈÝÒ×£¬µ«Ò²²»ÊDz»¿ÉÄÜ¡£ÒÔÏÂÊÇÎҵijÌÐò½çÃ棬ºóÃæ ......
ÈÕÖ¾¶ÁÈ¡Æ÷Ö»½«ÒѾCOMMITµÄÊÂÎñ´«Ë͵½·Ö·¢Êý¾Ý¿â¡£
²âÊÔ·½·¨£º
1. ÔÚ·¢²¼Êý¾Ý¿âÖ´ÐУº
begin tran
insert testTable2 (aaa,bbb,ddd,ccc)
values ('jawefwao','jfowijef','jaiwejfo','civjoiw')
insert testTable2 (aaa,bbb,ddd,ccc)
values ('jawefwao2','jfowijef2','jaiwejfo2','civjoiw2')
insert& ......
¡¡¡¾IT168 ¼¼ÊõÎĵµ¡¿¹ÊÊ¿ªÆª£ºÄãºÍÄãµÄÍŶӾ¹ý²»Ð¸Å¬Á¦£¬ÖÕÓÚʹÍøÕ¾³É¹¦ÉÏÏߣ¬¸Õ¿ªÊ¼Ê±£¬×¢²áÓû§½ÏÉÙ£¬ÍøÕ¾ÐÔÄܱíÏÖ²»´í£¬µ«Ëæ×Å×¢²áÓû§µÄÔö¶à£¬·ÃÎÊËٶȿªÊ¼±äÂý£¬Ò»Ð©Óû§¿ªÊ¼·¢À´Óʼþ±íʾ¿¹Ò飬ÊÂÇé±äµÃÔ½À´Ô½Ô㣬ΪÁËÁôסÓû§£¬Ä㿪ʼ×ÅÊÖµ÷²é·ÃÎʱäÂýµÄÔÒò¡£
¡¡¡¡¾¹ý½ôÕŵĵ÷²é£¬Äã·¢ÏÖÎÊÌâ³öÔÚÊý¾Ý¿âÉÏ£¬µ±Ó¦ ......
¡¡¾ÍÈçͬÊý¾Ý¿âDBAÁ˽âµÄÒ»Ñù£¬ºÏÊʵÄË÷ÒýÄܹ»Ìá¸ß²éѯÐÔÄܺÍÓ¦ÓóÌÐò¿É²âÁ¿ÐÔ¡£µ«ÊÇÿ¸ö¸½¼ÓµÄË÷Òý£¬¶¼¸øϵͳÔö¼ÓÁ˶îÍ⿪Ïú£¬ÒòΪËæ×ÅÊý¾Ý´Ó±íºÍÊÓͼÖ⻶ÏÔö¼Ó¡¢Ð޸ĻòÇå³ý£¬SQL ServerÐèҪά»¤ÕâЩË÷Òý¡£
¡¡¡¡Ö®Ç°£¬ÎÒ½éÉÜÁËһ϶¯Ì¬¹ÜÀíÊÓͼ(DMV)¡£ËüÊÇÒ»ÖÖºÜÓÐÓõļà¿ØºÍ½â¾öSQL Server¹ÊÕϵŤ¾ß¡£±¾ÎÄÊÇËüµÄÐøƪ£¬ ......
SQL Injection with MySQL
±¾ÎÄ×÷Õߣºangel
ÎÄÕÂÐÔÖÊ£ºÔ´´
·¢²¼ÈÕÆÚ£º2004-09-16
±¾ÎÄÒѾ·¢±íÔÚ¡¶ºÚ¿Í·ÀÏß¡·7Ô¿¯£¬×ªÔØÇë×¢Ã÷¡£ÓÉÓÚдÁ˺ܾã¬Ëæ׿¼ÊõµÄ½ø²½£¬±¾ÈËÒ²·¢ÏÖ¸ÃÎÄÀïÓв»ÉÙ´íÎóºÍÂÞàµĵط½¡£Çë¸÷λ¸ßÊÖ¿´Á˲»ÒªÐ¦¡£±¾ÎÄдÓÚ¡¶Advanced SQL Injection with MySQL¡·Ö®Ç°Ò»¸öÔ¡£
ÉùÃ÷
¡¡¡¡±¾ÎĽöÓÃÓÚ½ ......
