SQL Server µÄÁ¬½Ó¡¢²éѯÓë¸üÐÂ
#Region " ÃüÃû¿Õ¼ä "
Imports System.Data
Imports System.Data.SqlClient
#End Region
Public Class DBCommon
Implements IDisposable
#Region " ³ÉÔ±±äÁ¿ "
Private conn As SqlConnection
Private cmd As SqlCommand
Private trans As SqlTransaction
#End Region
#Region " ¹¹Ô캯Êý "
Public Sub New()
Connection()
End Sub
#End Region
#Region " ¹ý³Ìº¯Êý "
Public Sub Dispose() Implements IDisposable.Dispose
Close()
End Sub
Public Sub Close()
If conn Is Nothing Then
Return
End If
conn.Close()
conn.Dispose()
conn = Nothing
End Sub
Public Sub ClearParameter()
cmd.Parameters.Clear()
End Sub
Public Sub AddParameter( _
ByVal ParameterName As String, _
ByVal SqlDbType As SqlDbType, _
ByVal Size As Integer, _
ByVal Value As Object)
cmd.Parameters.Add(ParameterName, SqlDbType, Size).Value = Value
End Sub
Public Sub Fill( _
ByVal dtResult As DataTable, _
ByVal strSqlBun As String, _
ByVal Parameter As SqlParameter)
Dim objAdpt As SqlDataAdapter
objAdpt = New SqlDataAdapter(strSqlBun, conn)
cmd.CommandText = strSqlBun
objAdpt.SelectCommand = cmd
objAdpt.Fill(dtResult)
End Sub
Public Sub ExecuteNonQuery(ByVal strSqlBun As String)
cmd.CommandText = strSqlBun
cmd.ExecuteNonQuery()
End Sub
Public Sub BeginTransaction()
trans = conn.BeginTransaction()
End Sub
Public Sub Commit()
trans.Commit()
End Sub
Public Sub Rollback()
trans.Rollback()
End Sub
Protected Overrides Sub Finalize()
Close()
MyBase.Finalize()
End Sub
Private Sub Connection()
Dim strConnectionString As String
strConnectionString = My.MySettings.Default.ConnectionString
conn = New SqlConnection(strConnectionS
Ïà¹ØÎĵµ£º
SQL2000µÄÊý¾ÝÀàÐͼ°³¤¶È
==============================
bigint 8
binary 8000
bit 1
char 8000
datetime 8
decimal 17
float 8
image 16
int 4
money 8
nchar 8000
ntext 16
numeric 17
nvarchar 8000
real 4
smalldatetime 4
smallint 2
smallmoney 4
sql_variant 8016
sysname 256
text 16
tim ......
ÆÕͨÐÐÁÐת»»
ÎÊÌ⣺¼ÙÉèÓÐÕÅѧÉú³É¼¨±í(tb)ÈçÏÂ:
ÐÕÃû ¿Î³Ì ·ÖÊý
ÕÅÈý ÓïÎÄ 74
ÕÅÈý Êýѧ 83
ÕÅÈý ÎïÀí 93
ÀîËÄ ÓïÎÄ 74
ÀîËÄ Êýѧ 84
ÀîËÄ ÎïÀí 94
Ïë±ä³É(µÃµ½ÈçϽá¹û)£º
ÐÕÃû ÓïÎÄ Êýѧ ÎïÀí
---- ---- ---- ----
ÀîËÄ 74 84 94
ÕÅÈý 74 83 93
-------------------
*/
create table tb(Ð ......
for ACCESS :
update a, b set a.name=b.name1 where a.id=b.id
for SQL Server:
"update a set a.name=b.name1 from a,b where a.id=b.id"
update a set a.status=b.status
from table1 a,table2 b
&nbs ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
/*
±¾ÎÄרעÓÚ½«Excelµ¼ÈëSQL SERVER2005Êý¾Ý¿â
´Ë·¾¶ÏµÄÕâ¸ö¹¤¾ß£¬ÊÇSQL SERVER2005 ÓÃÀ´µ¼Èëµ¼³öÊý¾ÝµÄ¹¤¾ß¡£
C:\Program Files\Microsoft SQL Server\90\DTS\Binn\DTSWizard.exe
Ò»°ãÔÚÊý¾Ý¿âÃûÉÏ--ÓÒ¼ü-->Tasks-->Import Data -->½çÃæ¾Í³öÀ´ÁË£¬ºÍµã»÷ÉÏÃæµÄ¹¤¾ßÊÇÒ»¸ö¶«Î÷¡£
Ê×´ÎʹÓÃÕâ¸öD ......
