SQL injection attack prevention
1. Check whether the input contains illegal characters
public static boolean sql_inj(String str)
{
    // Blacklist of tokens treated as illegal; entries are separated by '|'.
    // The original string literal was split across two lines, which does not
    // compile in Java, so it is concatenated here.
    String inj_str = "'|and|exec|insert|select|delete|update|"
                   + "count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
    // You can add more items here yourself
    String[] inj_stra = inj_str.split("\\|");
    for (int i = 0; i < inj_stra.length; i++)
    {
        // indexOf returns -1 when the token is absent, so >= 0 means "found".
        // (The original compared with <= 0, which returned true for inputs
        // that did NOT contain the token and missed tokens found past index 0.)
        if (str.indexOf(inj_stra[i]) >= 0)
        {
            return true;
        }
    }
    return false;
}
2. Filter illegal characters
public static String TransactSQLInjection(String str)
{
    // Because of the leading and trailing ".*", this pattern matches the whole
    // input line whenever it contains a single quote, a semicolon or "--", so
    // the entire string is replaced by one space, not just the offending
    // characters. Inputs without those tokens are returned unchanged.
    return str.replaceAll(".*([';]+|(--)+).*", " ");
}
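Both helpers above are substring blacklists: sql_inj rejects any legitimate value that happens to contain "or", "and" or a hyphen (a surname like O'Brien, a word like "format"), and TransactSQLInjection blanks such a value entirely, while any token the list does not name passes through. The mitigation that removes the injection problem rather than guessing at it is to keep user input out of the statement text altogether and bind it as a parameter. The following class is an added example and is not code from the original post; it assumes a hypothetical users table with id and name columns and a JDBC Connection obtained elsewhere.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class SafeQuery {

    // Hypothetical table and column names, assumed for this example.
    private static final String FIND_USER_SQL =
        "SELECT id, name FROM users WHERE name = ?";

    // Unsafe form, shown only for contrast: the value is concatenated into the
    // SQL text, so any quote character inside it changes the statement itself.
    // This is the pattern the blacklists above try (and fail) to protect.
    public static String buildUnsafeSql(String name) {
        return "SELECT id, name FROM users WHERE name = '" + name + "'";
    }

    // Safe form: the statement text is fixed, and the value is bound with
    // setString, so the driver transmits it as data. A value such as
    // "O'Brien" is simply looked up; no character in it is parsed as SQL,
    // and no blacklist is needed.
    public static String findUser(Connection conn, String name) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(FIND_USER_SQL)) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("name") : null;
            }
        }
    }
}
```

With findUser, the blacklist check becomes unnecessary for the query itself; if input validation is still wanted, validate against what the field should look like (length, allowed alphabet) rather than against a list of SQL keywords.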