sql ´æ´¢¹ý³Ì ·ÖÒ³
-- FUN:´æ´¢¹ý³Ì·ÖÒ³
-- @Table nvarchar(255), -- ±íÃû
-- @Fields nvarchar(1000) = ' * ', -- ÐèÒª·µ»ØµÄÁÐ
-- @OrderField nvarchar(255), -- ÅÅÐòµÄ×Ö¶ÎÃû,Ò»°ãΪΨһ±êʶ
-- @OrderType bit = 0, -- ÉèÖÃÅÅÐòÀàÐÍ, ·Ç 0 ÖµÔò½µÐò
-- @PageSize int = 10, -- ÿҳÓжàÉÙÌõ¼Ç¼
-- @PageIndex int = 1, -- µÚ¼¸Ò³
-- @Count int output, -- ·µ»Ø¼Ç¼×ÜÊý
-- @StrWhere nvarchar(1500) -- ²éѯÌõ¼þ (×¢Òâ: ²»Òª¼Ó where,³õʼ»¯Îª1=1ʹµÃ²éѯÌõ¼þÓÀÔ¶²»Îª¿Õ)
----------------------------------------------------------
ALTER PROC [dbo].[PR_pages]
(
@Table nvarchar(4000), -- ±íÃû
@Fields nvarchar(1000) = ' * ', -- ÐèÒª·µ»ØµÄÁÐ
@OrderField nvarchar(255), -- ÅÅÐòµÄ×Ö¶ÎÃû,Ò»°ãΪΨһ±êʶ
@OrderType bit = 0, -- ÉèÖÃÅÅÐòÀàÐÍ, ·Ç 0 ÖµÔò½µÐò
@PageSize int = 10, -- ÿҳÓжàÉÙÌõ¼Ç¼
@PageIndex int = 1, -- µÚ¼¸Ò³
@StrWhere nvarchar(1500), -- ²éѯÌõ¼þ (×¢Òâ: ²»Òª¼Ó where,³õʼ»¯Îª1=1ʹµÃ²éѯÌõ¼þÓÀÔ¶²»Îª¿Õ)
@Count int output -- ·µ»Ø¼Ç¼×ÜÊý
)
AS
BEGIN
DECLARE @StrSQL nvarchar(4000) -- Ö÷Óï¾ä
DECLARE @StrTmp nvarchar(110) -- ÁÙʱ±äÁ¿
DECLARE @StrOrder nvarchar(400) -- ÅÅÐòÀàÐÍ
DECLARE @SumSql nvarchar(4000) -- ¼Ç¼×ÜÊý
--SET @StrWhere = ' 1=1 '
-- Ö´ÐÐ×ÜÊýͳ¼Æ
SET @SumSql = 'SELECT @Count = COUNT(0) from ' + @Table + ' WHERE 1=1 ' + @StrWhere
EXEC sp_executesql @SumSql,N'@Count int output',@Count output -- ¼Ç¼×ÜÊý
-- Èç¹û@OrderType²»ÊÇ0£¬¾ÍÖ´ÐнµÐò
IF @OrderType != 0
BEGIN
SET @StrTmp = ' <(SELECT MIN'
SET @StrOrder = ' ORDER BY [' + @OrderField + '] DESC'
END
ELSE
BEGIN
SET @StrTmp = ' >(SELECT MAX'
SET @StrOrder = ' ORDER BY [' + @OrderField + '] ASC'
END
-- Èç¹ûÊǵÚÒ»Ò³¾ÍÖ´ÐÐÒÔÏ´úÂ룬¼Ó¿ìÖ´ÐÐËÙ¶È
IF @PageIndex = 1
BEGIN
SET @StrSQL = 'SELECT TOP ' + STR(@Pag
Ïà¹ØÎĵµ£º
sql serverºÍoracleÐÐתÁеÄÒ»ÖÖµäÐÍ·½·¨
ǰÑÔ£ºÍøÉÏÓв»ÉÙÎÄÕÂÊǽ²ÐÐתÁе쬵«ÊǴ󲿷ֶ¼ÊÇÖ±½ÓÌù´úÂ룬ºöÊÓÁËÖмä¹ý³Ì£¬±¾ÈË×Ô¼ºË¼¿¼ÁËÏÂΪʲôҪÕâÑùʵÏÖ£¬²¢ÇÒ×öÁËÈçϵıʼǣ¬¶ÔÓÐЩ¶®µÄÈËÀ´Ëµ¿ÉÄÜûÓмÛÖµ£¬Ï£Íû¶Ô»¹²»¶®µÄÈËÓÐÒ»µã½è¼øÒâÒå¡£
¶ÔÓÚÓÐЩҵÎñÀ´Ëµ£¬Êý¾ÝÔÚ±íÖеĴ洢ºÍÆä×îÖÕµÄGrid±íÏÖÇ¡ºÃÏ൱ÓÚ°ÑÔ ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
ÔÎĵØÖ·£ºhttp://www.cnblogs.com/changhai0605/articles/1276319.html
OracleµÄÇë²Î¿¼£ºhttp://zonghl8006.blog.163.com/blog/static/4528311520083995931317/
1.¼ò½é£º
SQL Server 2005ÖÐÐÂÔöµÄ´°¿Úº¯Êý°ïÖúÄãѸËٲ鿴²»Í¬¼¶±ðµÄ¾ÛºÏ£¬Í¨¹ýËü¿ÉÒԷdz£·½±ãµØÀÛ¼Æ×ÜÊý¡¢Òƶ¯Æ½¾ùÖµ¡¢ÒÔ¼°Ö´ÐÐÆäËü¼ÆËã¡£
´°¿Úº¯Êý¹¦ÄÜ·Ç ......
MySQL:
SELECT column from table
ORDER BY RAND()
LIMIT 1
PostgreSQL:
SELECT column from table
ORDER BY RANDOM()
LIMIT 1
Microsoft SQL Server:
SELECT TOP 1 column from table
ORDER BY NEWID()
IBM DB2
SELECT column, RAND() as IDX
from table
ORDER BY IDX FETCH FIRST 1 ROWS ONLY
Thanks Ti ......