EXCELÉú³ÉSQL½¨±í´æ´¢¹ý³ÌµÄVBA½Å±¾
HO~HO~EXCELÉú³ÉSQL½¨±í´æ´¢¹ý³ÌµÄVBA½Å±¾^_^ÔÞÒ»ÏÂ
2007-12-11 10:39
'+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ È«¾Ö±äÁ¿¶¨Òå
Const MAX_COLUMN_NUM = 50
Dim stOutputPath As String
Dim stOutputFile As String
Dim stDBName As String
Dim stUserName As String
Dim stUserPasswd As String
'+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Set InitProcess³õʼ»¯¹ý³Ì
Public Sub InitProcess()
'³õʼ»¯Êä³öÎļþ¼Ð
stOutputPath = Application.ThisWorkbook.Path + "\OUTSQL\"
'³õʼ»¯Êý¾Ý¿âÃû
stDBName = Worksheets("Ê×Ò³").Cells(1, 2).Value
If stDBName = "" Then
MsgBox "Êý¾Ý¿âÃû²»ÄÜΪ¿Õ"
Exit Sub
End If
'³õʼ»¯Êä³öÎļþÃû
stOutputFile = stOutputPath & stDBName & "Create.sql"
'´´½¨Êä³öÎļþ¼ÐandÎļþ
On Error Resume Next
If Dir(stOutputPath) = "" Then
MkDir stOutputPath
End If
Dim FileObj, MyFile
Set FileObj = CreateObject("Scripting.FileSystemObject")
If FileObj.FileExists(stOutputFile) Then
Kill stOutputFile
End If
Set MyFile = FileObj.CreateTextFile(stOutputFile, True)
'³õʼ»¯Óû§Ãû£¬Óû§ÃÜÂë
stUserName = Worksheets("Ê×Ò³").Cells(2, 2).Value
stUserPasswd = Worksheets("Ê×Ò³").Cells(3, 2).Value
End Sub
'+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ´´½¨Êý¾Ý¿âº¯Êý
Public Sub CreateDbSQL(ByVal OutSq
Ïà¹ØÎĵµ£º
Ò»¡¢Êý¾Ý¿â´æ´¢¸ÅÊö
1¡¢Êý¾ÝÎļþÀàÐÍ
· Primary data files:ÿ¸öÊý¾Ý¿â¶¼ÓÐÒ»¸öµ¥¶ÀµÄÖ÷ÒªÊý¾ÝÎļþ£¬Ä¬ÈÏÒÔ.mdfÀ©Õ¹Ãû¡£Ö÷ÒªÊý¾ÝÎļþ²»½ö°üº¬Êý¾ÝÐÅÏ¢£¬»¹°üº¬Óë¸ÃÊý¾Ý¿â½á¹¹Ïà¹ØµÄÐÅÏ¢¡£´´½¨Êý¾Ý¿âʱ£¬Êý¾Ý¿â½á¹¹Ïà¹ØÐÅÏ¢²»½ö´æÔÚÓÚmasterÊý¾Ý¿âÖУ¬Í¬Ê ......
sql¾«ÃîÓ÷¨
ÎÄÕ·ÖÀà:Êý¾Ý¿â
˵Ã÷£º¸´ÖƱí(Ö»¸´Öƽṹ,Ô´±íÃû£ºa бíÃû£ºb)
select * into b from a where 1<>1
˵Ã÷£º¿½±´±í(¿½±´Êý¾Ý,Ô´±íÃû£ºa Ä¿±ê±íÃû£ºb)
insert into b(a, b, c) select d,e,f from b;
˵Ã÷£ºÏÔʾÎÄÕ¡¢Ìá½»È˺Í×îºó»Ø¸´Ê±¼ä
select a.title,a.username,b.adddate ......
1.²éѯµÄÄ£ºýÆ¥Åä
¾¡Á¿±ÜÃâÔÚÒ»¸ö¸´ÔÓ²éѯÀïÃæʹÓà LIKE '%parm1%'—— ºìÉ«±êʶλÖõİٷֺŻᵼÖÂÏà¹ØÁеÄË÷ÒýÎÞ·¨Ê¹Óã¬×îºÃ²»ÒªÓÃ.
½â¾ö°ì·¨:
ÆäʵֻÐèÒª¶Ô¸Ã½Å±¾ÂÔ×ö¸Ä½ø£¬²éѯËٶȱã»áÌá¸ß½ü°Ù±¶¡£¸Ä½ø·½·¨ÈçÏ£º
a¡¢ÐÞ¸Äǰ̨³ÌÐò——°Ñ²éѯÌõ¼þµÄ¹©Ó¦ÉÌÃû³ÆÒ»À¸ÓÉÔÀ´µÄÎı¾ÊäÈë¸ÄΪÏÂÀÁб ......
1¡¢¼ì²éÊÇ·ñÓзǷ¨×Ö·û
public static boolean sql_inj(String str)
{
String inj_str = "'|and|exec|insert|select|delete|update|
count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
//ÕâÀïµÄ¶«Î÷»¹¿ÉÒÔ×Ô¼ºÌí¼Ó
String[] inj_stra=inj_str.split("\\|");
for ......
