A simple SQL statement
select count(*) from admin where adminName='afdaf' or '1'='1' and adminPwd='dfdfd'
Why does this statement return 0 records? I don't understand. One of the three conditions is an or ('1'='1'), after all... Suddenly I can't sort it out (sweat).
Try changing the and to or.
adminName='afdaf' or '1'='1' return true
adminPwd='dfdfd' return false
adminName='afdaf' or '1'='1' and adminPwd='dfdfd' return false
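Probably there is no data!
This is evaluated OR first and AND last, my friend, so if one side of the final AND is false the result is 0; nothing strange about that. You can swap the positions of the OR and the AND, and you will get a different result.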
select count(*) from admin where adminName='afdaf' or '1'='1' or adminPwd='dfdfd'
Got it, thanks.
select count(*) from admin where adminName='afdaf' or adminPwd='dfdfd'
Run it like this and see whether there are any records.
If there are none, then that is normal.
I tried it and there is no problem.
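An added example, not part of the original thread: it runs the thread's query next to its two explicitly parenthesized readings and a parameterized form, so the grouping the engine actually applies can be read off the counts. Assumptions: SQLite stands in for the poster's database (AND binding tighter than OR is standard SQL), and the table rows, the `compare` helper and the parameterized query are hypothetical.

```python
import sqlite3

# Constructed rows; the thread never shows what the admin table contains.
ROWS = [("afdaf", "other"), ("alice", "dfdfd"), ("root", "s3cret")]

WHERE = "select count(*) from admin where "
# The statement exactly as posted in the thread.
Q_THREAD = WHERE + "adminName='afdaf' or '1'='1' and adminPwd='dfdfd'"
# Reading 1: AND groups first.
Q_AND_FIRST = WHERE + "adminName='afdaf' or ('1'='1' and adminPwd='dfdfd')"
# Reading 2: OR groups first.
Q_OR_FIRST = WHERE + "(adminName='afdaf' or '1'='1') and adminPwd='dfdfd'"
# Parameterized form: quotes in the input stay data, not SQL.
Q_PARAM = WHERE + "adminName=? and adminPwd=?"


def make_db(rows):
    db = sqlite3.connect(":memory:")
    db.execute("create table admin (adminName text, adminPwd text)")
    db.executemany("insert into admin values (?, ?)", rows)
    return db


def count(db, sql, params=()):
    return db.execute(sql, params).fetchone()[0]


def compare(rows):
    """Return the row count each form of the query produces on `rows`."""
    db = make_db(rows)
    return {
        "thread": count(db, Q_THREAD),
        "and_first": count(db, Q_AND_FIRST),
        "or_first": count(db, Q_OR_FIRST),
        "param": count(db, Q_PARAM, ("afdaf' or '1'='1", "dfdfd")),
    }


if __name__ == "__main__":
    print(compare(ROWS))
    # A table with no 'afdaf' name and no 'dfdfd' password gives the 0 the poster saw.
    print(compare([("root", "s3cret")]))
```

The posted statement matches the AND-first reading on every input, so it is equivalent to `adminName='afdaf' or adminPwd='dfdfd'`, the check suggested in the last reply.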