On the problem of SQL injection in websites, and how to fix it
Recently I found that the code in our company's ASP.NET applications habitually builds SQL statements by string concatenation. This is extremely dangerous. Below I illustrate the problem with examples.
Example 1:
statement := "SELECT * from users WHERE name = '" + userName + "'; "
Set the user name variable (userName) to:
a' or 't'='t, and the original statement changes to:
SELECT * from users WHERE name = 'a' OR 't'='t';
If this code is used in an authentication step, this input can force the selection of a valid user name, because the condition 't'='t' is always true.
Example 2:
a'; DROP TABLE users; SELECT * from data WHERE name LIKE '%
This turns the final SQL statement into the following:
SELECT * from users WHERE name = 'a'; DROP TABLE users; SELECT * from DATA WHERE name LIKE '%';
The serious consequence is that the database table gets deleted.
So I strongly recommend that everyone stop concatenating SQL statements (especially in web applications) and use parameterized stored procedures instead.
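As an added example (not code from the original article), here are the two patterns side by side in Python against an in-memory SQLite database: the concatenated query from example 1 and its parameterized replacement, each fed the article's own payloads. The users table and its rows are constructed sample data.

```python
import sqlite3

# Constructed sample data standing in for the site's real users table.
SAMPLE_USERS = ["alice", "bob", "carol"]

# The article's two payloads, supplied as the userName value.
PAYLOAD_OR = "a' or 't'='t"
PAYLOAD_DROP = "a'; DROP TABLE users; SELECT * from data WHERE name LIKE '%"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [(u,) for u in SAMPLE_USERS])
    return conn


def lookup_concatenated(conn, user_name):
    """The pattern the article warns about: input spliced into the SQL text."""
    statement = "SELECT name FROM users WHERE name = '" + user_name + "'"
    return [row[0] for row in conn.execute(statement)]


def lookup_parameterized(conn, user_name):
    """The fix: input is bound as a parameter and is never parsed as SQL."""
    statement = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(statement, (user_name,))]


def demo():
    conn = make_db()
    results = {
        # Concatenation: the OR clause becomes part of the query and matches every row.
        "concatenated_or": lookup_concatenated(conn, PAYLOAD_OR),
        # Parameter binding: the same text is compared literally and matches nothing.
        "parameterized_or": lookup_parameterized(conn, PAYLOAD_OR),
        # The stacked-statement payload from example 2 is likewise just a string value.
        "parameterized_drop": lookup_parameterized(conn, PAYLOAD_DROP),
        # An ordinary user name still works through the parameterized path.
        "legit": lookup_parameterized(conn, "bob"),
    }
    # The users table survives the DROP payload when parameters are used.
    results["rows_remaining"] = conn.execute("SELECT count(*) FROM users").fetchone()[0]
    return results


if __name__ == "__main__":
    print(demo())
```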
For ASP.NET web applications that are already finished, where reworking the code would mean too many changes, you can consider adding the following code as an interim measure to reduce the risk of serious injection attacks. SQL injection attempts can be blocked by adding a keyword-filtering method to the Global.asax.cs file; the code follows.
    /// <summary>
    /// Fires when a request carrying data is submitted.
    /// </summary>
    /// <param name="sender"> </param>
    /// <param name="e"> </param>
    protected void Application_BeginRequest(Object sender, EventArgs e)
    {
        // Iterate over the POST parameters, skipping the hidden view-state field.
        foreach (string i in this.Request.Form)
        {
            if (i == "__VIEWSTATE") continue;
            // Check each submitted value individually, not the whole collection.
            this.goErr(this.Request.Form[i]);
        }
        // Iterate over the GET (query string) parameters.
        foreach (string i in this.Request.QueryString)
        {
            this.goErr(this.Request.QueryString[i]);
        }
    }
    /// <summary>
    /// SQL injection