¹ØÓÚ³ÌÐò´úÂëÖеÄSQLÓï¾ä
ÔÚ³ÌÐòÖÐÓÐЩ²éѯÓï¾äÏà¶Ô½Ï³¤£¬¿ÉÒÔ½«Óï¾äµ¥¶ÀдÔÚÒ»¸öXXX.sqlÎļþÖУ¬ÔÚ³ÌÐòÖжÁÈ¡SQLÎļþ
¾ßÌåÉæ¼°µ½
import java.io.File;
import org.apache.commons.io.FileUtils;
import java.net.URL;
URL resourceUrl = XXXX.class.getClassLoader().getResource(SQL_PATH+sqlName);//SQL_PATH¾ßÌåSQLÎļþ´æÔÚ·¾¶£¬sqlName¼´SQLÎļþÃû£¬ XXXXµ±Ç°Àà
File sqlFile = new File(resourceUrl.getPath()); //¶ÁÈ¡SQLÎļþ
String sql = FileUtils.readFileToString(sqlFile, "UTF-8"); //µÃµ½SQLÓï¾ä
Ïà¹ØÎĵµ£º
Ó°ÏìÊý¾Ý¿â»¹ÔËٶȵÄÒòËغÍÓ°ÏìÊý¾Ý¿â±¸·ÝËٶȵÄÒòËØÏàͬ¡£³ý´ËÖ®Í⣬¼ÙÈçÄãʹÓÃSQL Server 2005µÄ»°£¬Ä㻹¿ÉÒÔÆô¶¯ÁíÍâÒ»¸öÓÅ»¯ÈÎÎñÀ´»¹Ôµ±Ç°²»´æÔÚµÄÊý¾Ý¿â£¬ÔËÐл·¾³ÎªWindows XP£¬Windows 2003 Server »ò¸üа汾¡£
Perform Volume Maintenance Tasks
µ±Ä㻹ÔÒ»¸öеÄÍêÕûÊý¾Ý¿âÊÇ£¬SQL Server¶Á±¸·ÝÎļþÍ·£¬È»ºó´ ......
¡¡--Óï ¾ä ¹¦ ÄÜ¡¡¡¡--Êý¾Ý²Ù×÷¡¡¡¡SELECT --´ÓÊý¾Ý¿â±íÖмìË÷Êý¾ÝÐкÍÁС¡¡¡INSERT --ÏòÊý¾Ý¿â±íÌí¼ÓÐÂÊý¾ÝÐС¡¡¡DELETE --´ÓÊý¾Ý¿â±íÖÐɾ³ýÊý¾ÝÐС¡¡¡UPDATE --¸üÐÂÊý¾Ý¿â±íÖеÄÊý¾Ý¡¡¡¡--Êý¾Ý¶¨Òå¡¡¡¡CREATE TABLE --´´½¨Ò»¸öÊý¾Ý¿â±í¡¡¡¡DROP TABLE --´ÓÊý¾Ý¿âÖÐɾ³ý±í¡¡¡¡ALTER TABLE --ÐÞ¸ÄÊý¾Ý¿â±í½á¹¹¡¡¡¡CREATE VI ......
1¡¢ ÓóÌÐòÖУ¬±£Ö¤ÔÚʵÏÖ¹¦ÄܵĻù´¡ÉÏ£¬¾¡Á¿¼õÉÙ¶ÔÊý¾Ý¿âµÄ·ÃÎÊ´ÎÊý£»Í¨¹ýËÑË÷²ÎÊý£¬¾¡Á¿¼õÉÙ¶Ô±íµÄ·ÃÎÊÐÐÊý,×îС»¯½á¹û¼¯£¬´Ó¶ø¼õÇáÍøÂ縺µ££»Äܹ»·Ö¿ªµÄ²Ù×÷¾¡Á¿·Ö¿ª´¦Àí£¬Ìá¸ßÿ´ÎµÄÏìÓ¦Ëٶȣ»ÔÚÊý¾Ý´°¿ÚʹÓÃSQLʱ£¬¾¡Á¿°ÑʹÓõÄË÷Òý·ÅÔÚÑ¡ÔñµÄÊ×ÁУ»Ëã·¨µÄ½á¹¹¾¡Á¿¼òµ¥£»ÔÚ²éѯʱ£¬²»Òª¹ý¶àµØʹÓà ......
for ACCESS :
update a, b set a.name=b.name1 where a.id=b.id
for SQL Server:
"update a set a.name=b.name1 from a,b where a.id=b.id"
update a set a.status=b.status
from table1 a,table2 b
&nbs ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
