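SQL query
Given the following two tables:
Party table: party ID, party name
Member table: member ID, member name, party ID
Query all party information, including the party name and the number of members, sorted by number of members in descending order (subqueries are not allowed).
Correct answer: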
SELECT a.name,
       COUNT(b.id) AS counts
FROM zhen a
LEFT JOIN yi b
  ON a.id = b.zhenid
GROUP BY a.name
ORDER BY counts DESC
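Related documents:
When a database application is released, the client is installed on host A in the local network and SQL Server is installed on host B in the same network. The client software contains the information about the database it connects to, such as the data source, server name and database. Example: data source=SQLOLEDB;SERVER=DongZi\sqlExpress;uid=sa;pwd=123;database=MachineRoom
So on host ......
Searching Google with the keyword "sql paging" returns almost the same three answers every time. The second is the most efficient; the third uses a cursor and is the least efficient.
Here are those three methods (the code-insert tool has no sql option)
Method 1:
Applies to SQL Server 2000/2005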
SELECT TOP 页大小 *  -- 页大小 = page size (placeholder)
from table1
WHERE ......
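1. Set up a separate database server on another machine to act as the link target
2. On the local database server, add a "linked server":
Name: pick any name
Server type: choose the data source: Microsoft OLE DB Provider for SQL Server
Data source: enter the alias (configured in the Client Network Utility)
Check RPC and RPC Out ......
A Complete Guide to Manual SQL Injection
Friday, August 11, 2006, 21:00
For example, when querying the record whose id is 50, if the parameter passed in by the user is 50 and 1=1 and no filtering has been set up, the record is returned directly. SQL injection is most often encountered in ASP programs;
see the following:
1. Determine whether injection is possible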
;and 1=1
;and 1=2
2. Make a preliminary check for whether the backend is MSSQL
;and user>0
3. Determine the database system
;and ......
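The unfiltered `50 and 1=1` case described above, beside a parameterized lookup, as an added example that is not part of the original post. Python's built-in sqlite3 stands in for the ASP/MSSQL stack, and the `news` table, its columns and the function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; the table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news VALUES (?, ?)",
                   [(49, "older"), (50, "target"), (51, "newer")])
    return db

def lookup_concat(db, raw_id):
    # Vulnerable pattern: the request parameter is pasted into the SQL text,
    # so "50 and 1=2" is parsed as an extra boolean condition.
    return db.execute(
        "SELECT id, title FROM news WHERE id = " + raw_id).fetchall()

def lookup_bound(db, raw_id):
    # Hardened pattern: accept only a plain integer, then bind it as a
    # parameter so it can never become part of the statement.
    try:
        value = int(raw_id)
    except ValueError:
        return None  # rejected input
    return db.execute(
        "SELECT id, title FROM news WHERE id = ?", (value,)).fetchall()

def input_reaches_sql(lookup, db):
    # Regression check for your own code: if a true and a false condition
    # appended to the id change the result, the input is being parsed as SQL.
    return lookup(db, "50 and 1=1") != lookup(db, "50 and 1=2")

if __name__ == "__main__":
    db = make_db()
    print("concat, 1=1:", lookup_concat(db, "50 and 1=1"))
    print("concat, 1=2:", lookup_concat(db, "50 and 1=2"))
    print("bound,  1=1:", lookup_bound(db, "50 and 1=1"))
    print("concat parses input as SQL:", input_reaches_sql(lookup_concat, db))
    print("bound parses input as SQL: ", input_reaches_sql(lookup_bound, db))
```

The same separation of statement text and value applies on SQL Server through parameterized commands; the sqlite3 `?` placeholder is only the form this stand-in uses.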
PL/SQL has no input/output capability of its own,
but it can rely on the environment to pass values into and out of a PL/SQL block.
The SQL*Plus environment uses substitution variables and host (bind) variables to pass values into a PL/SQL block.
substitution variable: such as a preceding ampersand &a
host(bind) variable : such as a preceding colon :x
Substitute ......