SQLɾ³ýÓÐĬÈÏÖµ×ֶΣ¨×ª£©
declare @dfname varchar(50)
select @dfname=a.name
from sysobjects a
inner join syscomments b on a.id=b.id
inner join sysconstraints c on c.constid=a.id
inner join syscolumns d on c.colid=d.colid and c.id=d.id
where a.xtype='D' and object_name(d.id)='±íÃû' and d.name='ÁÐÃû'
if @dfname is not null
exec('alter table ±íÃû drop constraint '+@dfname)
Go
alter table ±íÃû drop column ÁÐÃû
Go
Ïà¹ØÎĵµ£º
ϵͳ»·¾³£ºWindows 7
Èí¼þ»·¾³£ºVisual C++ 2008 SP1 +SQL Server 2005
±¾´ÎÄ¿µÄ£º±àдһ¸öº½¿Õ¹ÜÀíϵͳ
ÕâÊÇÊý¾Ý¿â¿Î³ÌÉè¼ÆµÄ³É¹û£¬ËäÈ»³É¼¨²»¼Ñ£¬µ«ÊÇ×÷ΪÎÒÓÃVC++ ÒÔÀ´±àдµÄ×î´ó³ÌÐò»¹ÊÇ´«µ½ÍøÉÏ£¬ÒÔ¹©²Î¿¼¡£ÓÃVC++ ×öÊý¾Ý¿âÉè¼Æ²¢²»ÈÝÒ×£¬µ«Ò²²»ÊDz»¿ÉÄÜ¡£ÒÔÏÂÊÇÎҵijÌÐò½çÃ棬ºóÃæ ......
sql¾«ÃîÓ÷¨
ÎÄÕ·ÖÀà:Êý¾Ý¿â
˵Ã÷£º¸´ÖƱí(Ö»¸´Öƽṹ,Ô´±íÃû£ºa бíÃû£ºb)
select * into b from a where 1<>1
˵Ã÷£º¿½±´±í(¿½±´Êý¾Ý,Ô´±íÃû£ºa Ä¿±ê±íÃû£ºb)
insert into b(a, b, c) select d,e,f from b;
˵Ã÷£ºÏÔʾÎÄÕ¡¢Ìá½»È˺Í×îºó»Ø¸´Ê±¼ä
select a.title,a.username,b.adddate ......
1.²éѯµÄÄ£ºýÆ¥Åä
¾¡Á¿±ÜÃâÔÚÒ»¸ö¸´ÔÓ²éѯÀïÃæʹÓà LIKE '%parm1%'—— ºìÉ«±êʶλÖõİٷֺŻᵼÖÂÏà¹ØÁеÄË÷ÒýÎÞ·¨Ê¹Óã¬×îºÃ²»ÒªÓÃ.
½â¾ö°ì·¨:
ÆäʵֻÐèÒª¶Ô¸Ã½Å±¾ÂÔ×ö¸Ä½ø£¬²éѯËٶȱã»áÌá¸ß½ü°Ù±¶¡£¸Ä½ø·½·¨ÈçÏ£º
a¡¢ÐÞ¸Äǰ̨³ÌÐò——°Ñ²éѯÌõ¼þµÄ¹©Ó¦ÉÌÃû³ÆÒ»À¸ÓÉÔÀ´µÄÎı¾ÊäÈë¸ÄΪÏÂÀÁб ......
1¡¢¼ì²éÊÇ·ñÓзǷ¨×Ö·û
public static boolean sql_inj(String str)
{
String inj_str = "'|and|exec|insert|select|delete|update|
count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
//ÕâÀïµÄ¶«Î÷»¹¿ÉÒÔ×Ô¼ºÌí¼Ó
String[] inj_stra=inj_str.split("\\|");
for ......
¼ÇÈ¡¼Ç¼¼¯
create procedure getArticle
as
select * from Article_Content
GO
asp.net µ÷Ó÷½·¨
SqlConnection Conn = new SqlConnection();
Conn.ConnectionString = Data.Connstr();
Conn.Open();
......
