1.ʲô½ÐSQL×¢È룿ÈçºÎ·ÀÖ¹£¿Çë¾ÙÀý˵Ã÷
1.ʲô½ÐSQL×¢È룿ÈçºÎ·ÀÖ¹£¿Çë¾ÙÀý˵Ã÷
´ð£ºSQL×¢ÈëÊdz£¼ûµÄÀûÓóÌÐò©¶´½øÐй¥»÷µÄ·½·¨¡£µ¼ÖÂsql×¢Èë¹¥»÷²¢·ÇϵͳÔì³ÉµÄ£¬Ö÷ÒªÊdzÌÐòÖкöÂÔÁË°²È«ÒòËØ£¬ÀûÓÃsqlÓïÑÔ©¶´»ñµÃºÏ·¨Éí·ÝµÇ½ϵͳ
ÀýÈ磺
"Select * from users where name='"+uName+"' and pwd='"+uPwd+"' "
ÈçÓû§ÔÚt_nameÖÐÊäÈëtom’ or 1=‘1 ¾Í¿ÉÒÔ½øÈëϵͳÁË¡£
Éú³ÉÓï¾ä£º
Select * from users where name = ‘tom’ or 1=‘1’ and pwd=‘123’
·ÀÖ¹sql×¢ÈëµÄ·½·¨ÓÐÈçϼ¸µã£º
ʹÓòÎÊý»¯¹ýÂËÓï¾ä
ÔÚwebÓ¦ÓóÌÐòµÄ¿ª·¢¹ý³ÌÖÐËùÓн׶Îʵʩ´úÂ밲ȫ¼ì²ì
ʹÓô洢¹ý³Ì
Ïà¹ØÎĵµ£º
Æäʵɾ³ýÊý¾Ý¿âÖÐÊý¾ÝµÄ·½·¨²¢²»¸´ÔÓ£¬ÎªÊ²Ã´ÎÒ»¹Òª¶à´ËÒ»¾ÙÄØ£¬Ò»ÊÇÎÒÕâÀï½éÉܵÄÊÇɾ³ýÊý¾Ý¿âµÄËùÓÐÊý¾Ý£¬ÒòΪÊý¾ÝÖ®¼ä¿ÉÄÜÐγÉÏ໥ԼÊø¹Øϵ£¬É¾³ý²Ù×÷¿ÉÄÜÏÝÈëËÀÑ»·£¬¶þÊÇÕâÀïʹÓÃÁË΢ÈíδÕýʽ¹«¿ªµÄsp_MSForEachTable´æ´¢¹ý³Ì¡£
Ò²ÐíºÜ¶à¶ÁÕßÅóÓѶ¼¾Àú¹ýÕâÑùµÄÊÂÇ飺ҪÔÚ¿ª·¢Êý¾Ý¿â»ù´¡ÉÏÇåÀíÒ»¸ö¿Õ¿â£¬µ«ÓÉÓÚ¶ÔÊý¾Ý¿ ......
Ó¦ÓÃÖз¢ÏÖsqlÖеÄand¼°orµÄÖ´ÐÐЧÂÊÎÊÌâ
£ó£ñ£ìÓï¾ä£¬ÎªÊ²Ã´°Ñ×îºóµÄ£ï£ò»»³É£á£î£ä£¬²éѯµÄ¾ÍºÜ¿ì£¬Ê¹ÓõÄÊÇmssql·¶ÀýÖÐnorthwindÊý¾Ý¿âΪÀý£¬
select * from Orders a left join [Order Details] b on a.orderid = b.orderid
where a.customerid like '%ics%' or b.productid in (42,72)
×·×ÙÁËÓï¾äµÄÖ´Ðз½°¸,·¢ÏÖ ......
Student(S#,Sname,Sage,Ssex) ѧÉú±í
Course(C#,Cname,T#) ¿Î³Ì±í
SC(S#,C#,score) ³É¼¨±í
Teacher(T#,Tname) ½Ìʦ±í
ÎÊÌ⣺
1¡¢²éѯ“001”¿Î³Ì±È“002”¿Î³Ì³É¼¨¸ßµÄËùÓÐѧÉúµÄѧºÅ£»
select a.S# from (select s#,score from SC where C#='001') a,(select s#,score
fr ......
Student(S#,Sname,Sage,Ssex) ѧÉú±í
Course(C#,Cname,T#) ¿Î³Ì±í
SC(S#,C#,score) ³É¼¨±í
Teacher(T#,Tname) ½Ìʦ±í
ÎÊÌ⣺
1¡¢²éѯ“001”¿Î³Ì±È“002”¿Î³Ì³É¼¨¸ßµÄËùÓÐѧÉúµÄѧºÅ£»
select a.S# from (select s#,score from SC where C#='001') a,(select s#,score
fr ......
ÔÎĵØÖ·£ºhttp://www.cnblogs.com/wangxiaohuo/archive/2008/04/20/1162631.html
±¾ÎĵµÖ÷Òª´ÓoracleÓësql serverÓï·¨ÉϽøÐвîÒìÐԱȽϣ¬ÖîÈçÁ½ÕßÔÚ¹ÜÀí£¬ÐÔÄÜ£¬ÓÅ»¯µÈ·½ÃæµÄ²îÒì²»×÷±È½Ï¡£
¡ñ¸ÅÄîÉÏÇø±ð
1.Oracle ÊÇÒ»ÖÖ¶ÔÏó¹ØϵÊý¾Ý¿â¹ÜÀíϵͳ£¨ORDBMS),¶øSql server Ö»ÊǹØϵÐÍÊý¾Ý¿â¹Ü
&nbs ......
