ÈýÖÖSQL·ÖÒ³·¨¡¾×ªÌû¡¿
Ó¦Ò»¸öÅóÓѵÄÒªÇó£¬ÌùÉÏÊղصÄSQL³£Ó÷ÖÒ³µÄ°ì·¨¡«¡«
±íÖÐÖ÷¼ü±ØÐëΪ±êʶÁУ¬[ID] int IDENTITY (1,1)
1.·ÖÒ³·½°¸Ò»£º(ÀûÓÃNot InºÍSELECT TOP·ÖÒ³)
Óï¾äÐÎʽ£º
SELECT TOP Ò³¼Ç¼ÊýÁ¿ *
from ±íÃû
WHERE (ID NOT IN
(SELECT TOP (ÿҳÐÐÊý*(Ò³Êý-1)) ID
from ±íÃû
ORDER BY ID))
ORDER BY ID
//×Ô¼º»¹¿ÉÒÔ¼ÓÉÏһЩ²éѯÌõ¼þ
Àý:
select top 2 *
from Sys_Material_Type
where (MT_ID not in
(select top (2*(3-1)) MT_ID from Sys_Material_Type order by MT_ID))
order by MT_ID
2.·ÖÒ³·½°¸¶þ£º(ÀûÓÃID´óÓÚ¶àÉÙºÍSELECT TOP·ÖÒ³£©
Óï¾äÐÎʽ£º
SELECT TOP ÿҳ¼Ç¼ÊýÁ¿ *
from ±íÃû
WHERE (ID >
(SELECT MAX(id)
from (SELECT TOP ÿҳÐÐÊý*Ò³Êý id from ±í
ORDER BY id) AS T)
)
ORDER BY ID
Àý:
SELECT TOP 2 *
from Sys_Material_Type
WHERE (MT_ID >
(SELECT MAX(MT_ID)
from (SELECT TOP (2*(3-1)) MT_ID
from Sys_Material_Type
ORDER BY MT_ID) AS T))
ORDER BY MT_ID
3.·ÖÒ³·½°¸Èý£º(ÀûÓÃSQLµÄÓÎ±ê´æ´¢¹ý³Ì·ÖÒ³)
create procedure SqlPager
@sqlstr nvarchar(4000), --²éѯ×Ö·û´®
@currentpage int, --µÚNÒ³
@pagesize int --ÿҳÐÐÊý
as
set nocount on
declare @P1 int, --P1ÊÇÓαêµÄid
@rowcount int
exec sp_cursoropen @P1 output,@sqlstr,@scrollopt=1,@ccopt=1, @rowcount=@rowcount output
select ceiling(1.0*@rowcount/@pagesize) as ×ÜÒ³Êý--,@rowcount as ×ÜÐÐÊý,@currentpage as µ±Ç°Ò³
set @currentpage=(@currentpage-1)*@pagesize+1
exec sp_cursorfetch @P1,16,@currentpage,@pagesize
exec sp_cursorclose @P1
set nocount off
4.×ܽá:
ÆäËüµÄ·½°¸£ºÈç¹ûûÓÐÖ÷¼ü£¬¿ÉÒÔÓÃÁÙʱ±í£¬
Ïà¹ØÎĵµ£º
----start
¶¯Ì¬SQLÊÇÔÚ³ÌÐòÔËÐÐʱ¹¹ÔìµÄ£¬ÒªÖ´Ðе¥ÌõSQL£¬Ê¹ÓÃEXECUTE IMMEDATE Óï¾ä£»µ±ÅúÁ¿Ö´ÐÐSQLʱ£¬ÏÈʹÓÃPREPARE Óï¾ä¹¹ÔìSQL£¬È»ºóʹÓÃEXECUTE Óï¾äÖ´ÐС£
Ò»£ºPrepareÓï¾ä£ºÓÃÀ´¹¹ÔìÅúÁ¿SQL
Óï·¨£º
PREPARE <sql-statement> [OUTPUT] INTO <result> [INPUT INTO] <input> ......
1¡¢ ÓóÌÐòÖУ¬±£Ö¤ÔÚʵÏÖ¹¦ÄܵĻù´¡ÉÏ£¬¾¡Á¿¼õÉÙ¶ÔÊý¾Ý¿âµÄ·ÃÎÊ´ÎÊý£»Í¨¹ýËÑË÷²ÎÊý£¬¾¡Á¿¼õÉÙ¶Ô±íµÄ·ÃÎÊÐÐÊý,×îС»¯½á¹û¼¯£¬´Ó¶ø¼õÇáÍøÂ縺µ££»Äܹ»·Ö¿ªµÄ²Ù×÷¾¡Á¿·Ö¿ª´¦Àí£¬Ìá¸ßÿ´ÎµÄÏìÓ¦ËÙ¶È£»ÔÚÊý¾Ý´°¿ÚʹÓÃSQLʱ£¬¾¡Á¿°ÑʹÓõÄË÷Òý·ÅÔÚÑ¡ÔñµÄÊ×ÁУ»Ëã·¨µÄ½á¹¹¾¡Á¿¼òµ¥£»ÔÚ²éѯʱ£¬²»Òª¹ý¶àµØÊ¹Óà ......
SQLλÔËËã
select 2|8 --10
select 2|8|1 --11
select 10&8 --8,°üº¬,10=8+2
select 10&2 --2,°üº¬,10=2+8
select 10&4 --0,²»°üº¬
select 19&16 --16,°üº¬,19=16+2+1
s ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
°²×°SQL Server2005 ÎÊÌâÐÅÏ¢£º
“SQL Server °²×°³ÌÐòÎÞ·¨»ñÈ¡ ASPNET ÕÊ»§µÄϵͳÕÊ»§ÐÅÏ¢”
½â¾ö°ì·¨£º
ÓÃaspnet_regiisʵÓù¤¾ßÐ¶ÔØºÍÖØÐ°²×°Ò»Ï¾ͿÉÒÔÁË¡£
¾ßÌåµÄ²Ù×÷£º
1¡¢½øÈëCMD£º
C:\windows\microsoft.net\framework\v2.0.50727Îļþ¼ÐÏ£¬ÔËÐÐaspnet_regiis -uÐ¶ÔØ
È»ºóÔËÐÐaspnet_regiis -i Ö ......