×î¼òµ¥µÄ×î¸ßЧµÄ¹ýÂËSQL½Å±¾·À×¢Èë
.errInfo
{
border:solid 1px #d00;
background:#F7F0F7;
}
1.URLµØÖ··À×¢È룺
//¹ýÂËURL·Ç·¨SQL×Ö·û
var sUrl=location.search.toLowerCase();
var sQuery=sUrl.substring(sUrl.indexOf("=")+1);
re=/select|update|delete|truncate|join|union|exec|insert|drop|count|’|"|=|;|>|<|%/i;
if(re.test(sQuery))
{
alert("ÇëÎðÊäÈë·Ç·¨×Ö·û");
location.href=sUrl.replace(sQuery,"");
}
2.ÊäÈëÎı¾¿ò·À×¢È룺
ÒýÈëÒÔÏÂjs
//·ÀÖ¹SQL×¢Èë
function AntiSqlValid(oField )
{
re= /select|update|delete|exec|count|’|"|=|;|>|<|%/i;
if ( re.test(oField.value) )
{
//alert("ÇëÄú²»ÒªÔÚ²ÎÊýÖÐÊäÈëÌØÊâ×Ö·ûºÍSQL¹Ø¼ü×Ö£¡"); //×¢ÒâÖÐÎÄÂÒÂë
oField.value = ”;
oField.className="errInfo";
oField.focus();
return false;
}
ÔÚÐèÒª·À×¢ÈëµÄÊäÈëÎı¾¿òÌí¼ÓÈçÏ·½·¨
txtName.Attributes.Add("onblur", "AntiSqlValid(this)");//·ÀÖ¹Sql½Å±¾×¢Èë
Ïà¹ØÎĵµ£º
Load the SQL Server 2005 Driver for JDBC before you load the SQL Server 2000 Driver for JDBC. To do this, use the DriverManager class as in the following code example.
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver"); // 2005 version
Class.forName("com.microsoft.jdbc.sqlserver.SQLSe ......
sql serverÑ¡ÔñÁË»ìºÏģʽÎÊÌâ
ÒòΪҪѡÔñ»ìºÏģʽ²ÅÄÜʹÓÃsaÓû§µÇ¼µÄÎÊÌâ
È»ºóÆóÒµ¹ÜÀíÆ÷ÀïÃ澹ȻѡÁËÒÔºóûÓÐЧ¹û ÓÀÔ¶¶¼Êǽöwindowsģʽ
ÎÞÓï ²»¶ÏÖØÆômssql ÓÖÑ¡Ôñ »ìºÏģʽ ´óÔ¼¼¸·ÖÖÓºó¾¹È»¿ÉÒÔÑ¡ÔñÁË
zhenTMD µÄÎÞÄΣ¡ ......
¾¯±¨¹ÜÀí
×÷ÒµÖ´ÐÐʱ£¬SQL Server´íÎóÏûÏ¢µÄÐÅÏ¢´æ·ÅÔÚWindowsÊÂÎñÈÕÖ¾ÖС£SQL Server´úÀí¶ÁÈ¡Õâ¸öÈÕÖ¾£¬²¢±È½Ï´æ´¢µÄÏûÏ¢ÓëΪϵͳ¶¨ÒåµÄ¾¯±¨£¬Èç¹ûÆ¥Å䣬SQL Server´úÀí¼¤»î¸Ã¾¯±¨£¬ËùÒÔ£¬¾¯±¨¿ÉÒÔÓÃÓÚÏìӦDZÔÚµÄÎÊÌâ(ÈçÌîÂúÊÂÎñÈÕÖ¾)¡£µ±¾¯±¨±»´¥·¢Ê±£¬Í¨¹ýµç×ÓÓʼþ»òÕßÑ°ºô֪ͨ²Ù×÷Ô±£¬´Ó¶øÈòÙ×÷Ô±Á˽âϵͳÖз¢ÉúÁËʲà ......
ÕâÖÖÓ÷¨ÏàÐÅÔÚÍøÕ¾Öо³£Ê¹Óã¬ÈçÒªÔÚ±íÖÐËæ»úÈ¡³ö10Ìõ¼Ç¼£¬Èç¹ûʹÓñà³ÌÓïÑÔ½øÐÐÔËËãµÄ»°»áºÜÂé·³¶øÇÒЧÂʵÍÏ¡£ÔÚSql ServerÖÐ×Ô´øÁËrandom()º¯ÊýÓÃÓÚÉú³ÉËæ»úÊý£¬ÆäʵËü»¹×Ô´øÁËÁíÍâÒ»¸öËæ»úº¯Êýnewid();newid()ÔÚɨÃèÿÌõ¼Ç¼ʱ¶¼»áÉú³ÉÒ»¸öËæ»úµÄÖµ£º
Ö´ÐÐselect newid()£»ÔËÐнá¹û
¿ÉÒÔ¿´µ½Õâ²¢²»ÊÇÒ»¸öËæ»úµÄÊý× ......
