asp·ÀSQL×¢È뺯Êý
'SQL·À×¢È뺯Êý£¬µ÷Ó÷½·¨£¬ÔÚÐèÒª·À×¢ÈëµÄµØ·½Ìæ»»ÒÔÇ°µÄrequest("XXXX")ΪSafeRequest("XXXX")
'www.yongfa365.com
Function
SafeRequest(ParaValue)
ParaValue =
Trim
(
Request
(ParaValue))
If
ParaValue =
""
Then
SafeRequest =
""
Exit
Function
End
If
'Òª¹ýÂ˵Ä×Ö·ûÒÔ","¸ô¿ª
LockValue =
"',Select,Update,Delete,insert,Count(,drop table,truncate,Asc(,Mid(,char(,xp_cmdshell,exec master,net localgroup administrators,And,net user,Or"
LockValue =
Split
(LockValue,
","
)
'ÅжÏÊÇ·ñÓÐ×¢Èë
For
i = 0
To
UBound
(LockValue)
If
InStr
(
LCase
(ParaValue),
LCase
(LockValue(i)))>0
Then
errmsg = 1
Exit
For
End
If
Next
'×¢Èë´¦Àí
If
errmsg = 1
Then
Response
.
Write
"<script language=
Ïà¹ØÎĵµ£º
SQL³£ÓÃ×Ö·û´®º¯Êý
Ò»¡¢×Ö·ûת»»º¯Êý
1¡¢ASCII()
·µ»Ø×Ö·û±í´ïʽ×î×ó¶Ë×Ö·ûµÄASCII ÂëÖµ¡£ÔÚASCII£¨£©º¯ÊýÖУ¬´¿Êý×ÖµÄ×Ö·û´®¿É²»ÓÑ’À¨ÆðÀ´£¬µ«º¬ÆäËü×Ö·ûµÄ×Ö·û´®±ØÐëÓÑ’À¨ÆðÀ´Ê¹Ó㬷ñÔò»á³ö´í¡£
2¡¢CHAR()
½«ASCII Âëת»»Îª×Ö·û¡£Èç¹ûûÓÐÊäÈë0 ~ 255 Ö®¼ä ......
1¡¢¶¨Òå»ù±¾±í
SQLÓïÑÔʹÓö¯´ÊCREATE¶¨Òå»ù±¾±í£¬Æä¾ßÌåÓï·¨¸ñʽÈçÏ£º
CREATE TABLE <±íÃû>
(<ÁÐÃû><Êý¾ÝÀàÐÍ>[Áм¶ÍêÕûÐÔÔ¼ÊøÌõ¼þ]...[£¬<ÁÐÃû><Êý¾ÝÀàÐÍ>[Áм¶ÍêÕûÐÔÔ¼ÊøÌõ¼þ]][,<±í¼¶ÍêÕûÐÔÔ¼ÊøÌõ¼þ>])£»
ÀýÈ磺½¨Á¢Ò»¸öѧÉú±íStudent£¬ËüÓÉѧºÅSno£¬ÐÕÃûSname£¬ÐÔ±ðSsex£¬Äê ......
MS SQL Server²éѯÓÅ»¯·½·¨
×÷Õߣºxmllover 2007-11-29
²éѯËÙ¶ÈÂýµÄÔÒòºÜ¶à£¬³£¼ûÈçϼ¸ÖÖ
1¡¢Ã»ÓÐË÷Òý»òÕßûÓÐÓõ½Ë÷Òý(ÕâÊDzéѯÂý×î³£¼ûµÄÎÊÌ⣬ÊdzÌÐòÉè¼ÆµÄȱÏÝ)
2¡¢I/OÍÌÍÂÁ¿Ð¡£¬ÐγÉÁËÆ¿¾±Ð§Ó¦¡£
3¡¢Ã»Óд´½¨¼ÆËãÁе¼Ö²éѯ²»ÓÅ»¯¡£
4¡¢ÄÚ´æ ......
Ò»¡¢SQL´æ´¢¹ý³ÌµÄ¸ÅÄÓŵ㼰Óï·¨
¡¡¡¡ÕûÀíÔÚѧϰ³ÌÐò¹ý³Ì֮ǰ£¬ÏÈÁ˽âÏÂʲôÊÇ´æ´¢¹ý³Ì?ΪʲôҪÓô洢¹ý³Ì£¬ËûÓÐÄÇЩÓŵã
¡¡¡¡¶¨Ò壺½«³£ÓõĻòºÜ¸´ÔӵŤ×÷£¬Ô¤ÏÈÓÃSQLÓï¾äдºÃ²¢ÓÃÒ»¸öÖ¸¶¨µÄÃû³Æ´æ´¢ÆðÀ´, ÄÇôÒÔºóÒª½ÐÊý¾Ý¿âÌṩÓëÒѶ¨ÒåºÃµÄ´æ´¢¹ý³ÌµÄ¹¦ÄÜÏàͬµÄ·þÎñʱ,Ö»Ðèµ÷ÓÃexecute,¼´¿É×Ô¶¯Íê³ ......
SQL:Structured Query Language,1974ÄêBoyceºÍChamberlinÌá³ö.
Êý¾Ý¶¨Òå :CREATE,DROP
Êý¾Ý¿â²éѯ:SELECT
Êý¾Ý²Ù×Ý :INSERT,UPDATE,DELETE
Êý¾Ý¿ØÖÆ :GRANT,REVOKE
Ò».Êý¾ÝµÄ¶¨ÒåºÍÐÞ¸Ä:
1.¶¨Òå»ù±í
CREATE TABLE ±íÃû (<ÁÐÃû1 ÀàÐÍ[NOT NULL][,ÁÐÃû2 ÀàÐÍ[NOT NULL]>…[ÆäËû²ÎÊý]);
¹ØÓÚÀàÐÍ:
INTEGE ......
