×î¼òµ¥µÄ×î¸ßЧµÄ¹ýÂËSQL½Å±¾·À×¢Èë
.errInfo
{
border:solid 1px #d00;
background:#F7F0F7;
}
1.URLµØÖ··À×¢È룺
//¹ýÂËURL·Ç·¨SQL×Ö·û
var sUrl=location.search.toLowerCase();
var sQuery=sUrl.substring(sUrl.indexOf("=")+1);
re=/select|update|delete|truncate|join|union|exec|insert|drop|count|’|"|=|;|>|<|%/i;
if(re.test(sQuery))
{
alert("ÇëÎðÊäÈë·Ç·¨×Ö·û");
location.href=sUrl.replace(sQuery,"");
}
2.ÊäÈëÎı¾¿ò·À×¢È룺
ÒýÈëÒÔÏÂjs
//·ÀÖ¹SQL×¢Èë
function AntiSqlValid(oField )
{
re= /select|update|delete|exec|count|’|"|=|;|>|<|%/i;
if ( re.test(oField.value) )
{
//alert("ÇëÄú²»ÒªÔÚ²ÎÊýÖÐÊäÈëÌØÊâ×Ö·ûºÍSQL¹Ø¼ü×Ö£¡"); //×¢ÒâÖÐÎÄÂÒÂë
oField.value = ”;
oField.className="errInfo";
oField.focus();
return false;
}
ÔÚÐèÒª·À×¢ÈëµÄÊäÈëÎı¾¿òÌí¼ÓÈçÏ·½·¨
txtName.Attributes.Add("onblur", "AntiSqlValid(this)");//·ÀÖ¹Sql½Å±¾×¢Èë
Ïà¹ØÎĵµ£º
ÏÂÁÐÓï¾ä²¿·ÖÊÇMssqlÓï¾ä£¬²»¿ÉÒÔÔÚaccessÖÐʹÓá£
SQL·ÖÀࣺ
DDL—Êý¾Ý¶¨ÒåÓïÑÔ(Create£¬Alter£¬Drop£¬DECLARE)
DML—Êý¾Ý²Ù×ÝÓïÑÔ(Select£¬Delete£¬Update£¬Insert)
DCL—Êý¾Ý¿ØÖÆÓïÑÔ(GRANT£¬REVOKE£¬COMMIT£¬ROLLBACK)
Ê×ÏÈ,¼òÒª½éÉÜ»ù´¡Óï¾ä£º
1¡¢ËµÃ÷£º´´½¨Êý¾Ý¿â
Create&nb ......
SQLÃæÊÔÌ⣨1£©
create table testtable1
(
id int IDENTITY,
department varchar(12)
)
select * from testtable1
insert into testtable1 values('Éè¼Æ')
insert into testtable1 values('Êг¡')
insert into testtable1 values('ÊÛºó')
/*
½á¹û
id department
1 Éè¼Æ
2 Êг¡
3& ......
SQL Serer´úÀí·þÎñ
¶ÔÓÚÒ»¸öSQL Serverϵͳ¹ÜÀíÔ±À´Ëµ£¬ËûÿÌ춼ÃæÁÙ×ÅÐí¶à²»Í¬µÄÈÎÎñÀ´Ö´ÐУ¬ÀýÈç¼ì²éÒ»¸ö»ò¶à¸ö·þÎñÆ÷£¬µ÷½ÚºÍÓÅ»¯Êý¾Ý¿âµÄÐÔÄÜ£¬ÐÞ¸ÄÊý¾Ý¿âµÄ²¼¾ÖÉè¼ÆºÍÊý¾Ý¿â±í£¬Âú×ãÏÖÔںͽ«À´µÄÐèÒª,RAID1¡£Ò»°ãÀ´Ëµ£¬±£³ÖÊý¾Ý¿âÔÚËùÓй¤×÷ʱ¼äÄܹ»×îÓÅ»¯µÄÖ´ÐÐÊÇϵͳ¹ÜÀíÔ±µÄÄ¿±ê£¬ÎªÁË´ïµ½Õâ¸öÄ¿±ê£¬ÏµÍ³¹ÜÀíÔ±±ØÐ ......
×÷Òµ¹ÜÀí
×Ô¶¯´¦ÀíÒ»¸öÈÎÎñµÄµÚÒ»²½ÊÇ´´½¨¶ÔÓ¦µÄ×÷Òµ£¬×÷Òµ¿ÉÒÔʹÓÃÁ½ÖÖ¹¤¾ßÀ´´´½¨£¬¼´´´½¨×÷ÒµÏòµ¼ºÍSQL Server ÆóÒµ¹ÜÀíÆ÷¡£´´½¨×÷Òµ×îÈÝÒ׵ķ½·¨ÊÇʹÓô´½¨×÷ÒµÏòµ¼£¬Ò»°ãÀ´Ëµ£¬Èç¹ûÒª´´½¨×÷Òµ£¬±ØÐëÖ´ÐÐÒÔÏÂÈý¸ö²½Ö裺
(1)¶¨Òå×÷Òµ²½£»
(2)Èç¹û¸Ã×÷Òµ²»ÊÇÓû§Ö¸¶¨Ö´ÐУ¬´´½¨×÷ÒµÖ´Ðеĵ÷¶Èʱ¼ä£»
(3)֪ͨ²Ù×÷Ô±×÷Òµ ......
¼ÙÉèÏÖÔÚNews±íÓÐÒÔÏÂ×Ö¶Î
News_Id,News_Title,News_IsSetTop,News_SetTopTime
ÆäÖÐNews_IsSetTop(char(1))ÊÇ“ÊÇ·ñÖö¥”µÄº¬Ò壻News_SetTopTime(DateTime)ÊÇÖö¥Ê±¼ä£»
ÏÖÔÚҪʵÏÖ£ºÈç¹ûNews_IsSetTopΪ"1"ʱ £¬ORDER BY News_IsSetTop DESC,News_Id DESC£»News_IsSetTopΪ"0"ʱ£¬ORDER BY News_ID DESC ......
