1.ʲô½ÐSQL×¢È룿ÈçºÎ·ÀÖ¹£¿Çë¾ÙÀý˵Ã÷
1.ʲô½ÐSQL×¢È룿ÈçºÎ·ÀÖ¹£¿Çë¾ÙÀý˵Ã÷
´ð£ºSQL×¢ÈëÊdz£¼ûµÄÀûÓóÌÐò©¶´½øÐй¥»÷µÄ·½·¨¡£µ¼ÖÂsql×¢Èë¹¥»÷²¢·ÇϵͳÔì³ÉµÄ£¬Ö÷ÒªÊdzÌÐòÖкöÂÔÁË°²È«ÒòËØ£¬ÀûÓÃsqlÓïÑÔ©¶´»ñµÃºÏ·¨Éí·ÝµÇ½ϵͳ
ÀýÈ磺
"Select * from users where name='"+uName+"' and pwd='"+uPwd+"' "
ÈçÓû§ÔÚt_nameÖÐÊäÈëtom’ or 1=‘1 ¾Í¿ÉÒÔ½øÈëϵͳÁË¡£
Éú³ÉÓï¾ä£º
Select * from users where name = ‘tom’ or 1=‘1’ and pwd=‘123’
·ÀÖ¹sql×¢ÈëµÄ·½·¨ÓÐÈçϼ¸µã£º
ʹÓòÎÊý»¯¹ýÂËÓï¾ä
ÔÚwebÓ¦ÓóÌÐòµÄ¿ª·¢¹ý³ÌÖÐËùÓн׶Îʵʩ´úÂ밲ȫ¼ì²ì
ʹÓô洢¹ý³Ì
Ïà¹ØÎĵµ£º
Ëø»úÖÆ
NOLOCKºÍREADPASTµÄÇø±ð¡£
1. ¿ªÆôÒ»¸öÊÂÎñÖ´ÐвåÈëÊý¾ÝµÄ²Ù×÷¡£
BEGIN TRAN t
INSERT INTO Customer
SELECT 'a','a'
2. Ö´ÐÐÒ»Ìõ²éѯÓï¾ä¡£
SELECT * from Customer WITH (NOLOCK)
½á¹ûÖÐÏÔʾ"a"ºÍ"a"¡£µ±1ÖÐÊÂÎñ»Ø¹öºó£¬ÄÇôa½«³ÉΪÔàÊý¾Ý¡£(×¢:1ÖеÄÊÂÎñδÌá½») ¡£NOLOCK±íÃ÷ûÓжÔÊý¾Ý±íÌí¼Ó¹²Ï ......
INSERT INTO
tableName ( columnName1, columnName2, columnName3, columnName4)
VALUES ( '45', 'Î÷²Ø°ì', TO_Date( '2010-03-10 12:00:00', 'YYYY-MM-DD HH24:MI:SS'), NULL,);
commit; ......
-----------------------------------------------------------------------------------------------------------------------
create table tb(id varchar(3) , pid varchar(3) , name varchar(10))
insert into tb values('001' , null , '¹ã¶«Ê¡')
insert into tb values('002' , '001' , '¹ãÖÝÊÐ')
insert i ......
