Ò׽ؽØÍ¼Èí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

PL/SQL ѧϰ±Ê¼Ç1

PL/SQL ²»¾ß±¸ÊäÈëÊä³öµÄÄÜÁ¦
µ«ÊÇ¿ÉÒÔÒÀ¿¿»·¾³À´Ö´ÐÐÊýÖµµÄÊäÈëÊä³ö¸øPL/SQL ¿é
SQLPLUS »·¾³ÓÃsubstitution variables ºÍ host(bind) variable À´´«ÈëÊýÖµ¸øPL/SQL¿é
substitution variable: such as a preceding ampersand  &a
host(bind) variable : such as a  preceding colon :x
Ìæ´ú±äÁ¿¿ÉÒÔ²»ÓÃÉùÃ÷£¬µ«ÊÇ»áÔÚÖ´ÐеÄʱºòÓÐÒ»¸ö½»»¥Ê½Ìáʾ
°ó¶¨±äÁ¿ÐèÒªÉùÃ÷²¢ÇÒ¸³ÖµµÄʱºòÓÃexecÓï¾ä
SQL> var df df
Usage: VAR[IABLE] [ <variable> [ NUMBER | CHAR | CHAR (n [CHAR|BYTE]) |
VARCHAR2 (n [CHAR|BYTE]) | NCHAR | NCHAR (n) |
NVARCHAR2 (n) | CLOB | NCLOB | REFCURSOR |
BINARY_FLOAT | BINARY_DOUBLE ] ]
SQL> var a number
SQL> exec :a :=123
PL/SQL procedure successfully completed.
SQL> edit
Wrote file afiedt.buf
1 declare
2 begin
3 dbms_output.put_line('result='||'&a'||:a);
4* end;
SQL> /
Enter value for a: i love u
old 3: dbms_output.put_line('result='||'&a'||:a);
new 3: dbms_output.put_line('result='||'i love u'||:a);
result=i love u123
PL/SQL procedure successfully completed.
SQL>


Ïà¹ØÎĵµ£º

Ìí¼ÓÊý¾ÝÔ´²¢ÅäÖÃÊý¾ÝÔ´Óësql ServerÉí·ÝÑé֤ģʽ

      ÔÚÊý¾Ý¿âÓ¦ÓóÌÐò·¢²¼Ê±£¬¿Í»§¶Ë°²×°ÔÚ¾ÖÓòÍøÖеÄÖ÷»úAÉÏ£¬sql server °²×°ÔڸþÖÓòÍøµÄÖ÷»úBÉÏ¡£¿Í»§¶ËÈí¼þÖаüº¬ÓÐËüÒªÁ¬½ÓµÄÊý¾Ý¿âµÄÐÅÏ¢¡£ÈçÊý¾ÝÔ´£¬·þÎñÆ÷Ãû³Æ£¬Êý¾Ý¿âµÈ£¬ÊµÀý£ºdata source=SQLOLEDB;SERVER=DongZi\sqlExpress;uid=sa;pwd=123;database=MachineRoom
¡£ÄÇôÎÒÃÇÔÚÖ÷» ......

SQL²Ù×÷È«¼¯


SQL²Ù×÷È«¼¯
ÏÂÁÐÓï¾ä²¿·ÖÊÇMssqlÓï¾ä£¬²»¿ÉÒÔÔÚaccessÖÐʹÓá£
SQL·ÖÀࣺ
DDL—Êý¾Ý¶¨ÒåÓïÑÔ(CREATE£¬ALTER£¬DROP£¬DECLARE)
DML—Êý¾Ý²Ù×ÝÓïÑÔ(SELECT£¬DELETE£¬UPDATE£¬INSERT)
DCL—Êý¾Ý¿ØÖÆÓïÑÔ(GRANT£¬REVOKE£¬COMMIT£¬ROLLBACK)
Ê×ÏÈ,¼òÒª½éÉÜ»ù´¡Óï¾ä£º
1¡¢ËµÃ÷£º´´½¨Êý¾Ý¿â
CREA ......

Çå³ýSQL SERVER Êý¾Ý¿âÈÕÖ¾

  1.Çå¿ÕÈÕÖ¾  
  DUMP     TRANSACTION     ¿âÃû     WITH     NO_LOG          
   
  2.½Ø¶ÏÊÂÎñÈÕÖ¾£º  
  BACKUP   LOG   Êý¾Ý¿âÃû   WITH   NO_LOG  
    ......

×¢Èë³£ÓÃSQLÓï¾ä


and exists (select * from sysobjects) //ÅжÏÊÇ·ñÊÇMSSQL
and exists(select * from tableName) //ÅжÏij±íÊÇ·ñ´æÔÚ..tableNameΪ±íÃû
and 1=(select @@VERSION) //MSSQL°æ±¾
And 1=(select db_name()) //µ±Ç°Êý¾Ý¿âÃû
and 1=(select @@servername) //±¾µØ·þÎñÃû
and 1=(select IS_SRVROLEMEMBER('sysadmin')) //Å ......

sqlÊÖ¹¤×¢Èë

SQLÊÖ¹¤×¢Èë´óÈ«
2006Äê08ÔÂ11ÈÕ ÐÇÆÚÎå 21:00
±È·½ËµÔÚ²éѯidÊÇ50µÄÊý¾Ýʱ£¬Èç¹ûÓû§´«½üÀ´µÄ²ÎÊýÊÇ50 and 1=1£¬Èç¹ûûÓÐÉèÖùýÂ˵ϰ£¬¿ÉÒÔÖ±½Ó²é³öÀ´£¬SQL ×¢ÈëÒ»°ãÔÚASP³ÌÐòÖÐÓöµ½×î¶à£¬
¿´¿´ÏÂÃæµÄ
1.ÅжÏÊÇ·ñÓÐ×¢Èë
;and 1=1
;and 1=2
2.³õ²½ÅжÏÊÇ·ñÊÇmssql
;and user>0
3.ÅжÏÊý¾Ý¿âϵͳ
;and ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØÍ¼ | ¸ÓICP±¸09004571ºÅ