asp·ÀSQL×¢È뺯Êý
'SQL·À×¢È뺯Êý£¬µ÷Ó÷½·¨£¬ÔÚÐèÒª·À×¢ÈëµÄµØ·½Ìæ»»ÒÔÇ°µÄrequest("XXXX")ΪSafeRequest("XXXX")
'www.yongfa365.com
Function
SafeRequest(ParaValue)
ParaValue =
Trim
(
Request
(ParaValue))
If
ParaValue =
""
Then
SafeRequest =
""
Exit
Function
End
If
'Òª¹ýÂ˵Ä×Ö·ûÒÔ","¸ô¿ª
LockValue =
"',Select,Update,Delete,insert,Count(,drop table,truncate,Asc(,Mid(,char(,xp_cmdshell,exec master,net localgroup administrators,And,net user,Or"
LockValue =
Split
(LockValue,
","
)
'ÅжÏÊÇ·ñÓÐ×¢Èë
For
i = 0
To
UBound
(LockValue)
If
InStr
(
LCase
(ParaValue),
LCase
(LockValue(i)))>0
Then
errmsg = 1
Exit
For
End
If
Next
'×¢Èë´¦Àí
If
errmsg = 1
Then
Response
.
Write
"<script language=
Ïà¹ØÎĵµ£º
ÔÚsqlÓï¾äÖÐÌí¼Ó±äÁ¿¡£
declare @local_variable data_type
ÉùÃ÷ʱÐèÒªÖ¸¶¨±äÁ¿µÄÀàÐÍ£¬
¿ÉÒÔʹÓÃsetºÍselect¶Ô±äÁ¿½øÐи³Öµ£¬
ÔÚsqlÓï¾äÖоͿÉÒÔʹÓÃ@local_variableÀ´µ÷ÓñäÁ¿
ÉùÃ÷ÖпÉÒÔÌṩֵ£¬·ñÔòÉùÃ÷Ö®ºóËùÓбäÁ¿½«³õʼ»¯ÎªNULL¡£
ÀýÈ磺declare @id int
&nb ......
ÔÚSQLÓïÑÔÖУ¬Ö»ÌṩÁËÒ»¸ö¶¯´ÊSELECTÓÃÀ´½øÐÐÊý¾Ý²éѯ²Ù×÷£¬µ«Õâ¸ö¶¯´ÊµÄ²ÎÊýÊ®·Ö¸´ÔÓ£¬ÇÒÄÜǶÌ×ʹÓã¬ÆäͨÓøñʽÈçÏ£º
SELECT [All|Distinct]<Ä¿±êÁбí´ïʽ>[£¬<Ä¿±êÁбí´ïʽ>]...
from <±íÃû»òÊÓͼÃû>[£¬<±íÃû»òÊÓͼÃû>]...
[WHERE<Ìõ¼þ±í´ïʽ>]
[GROUP BY<ÁÐÃû1>[HAVING<Ì ......
MS SQL Server²éѯÓÅ»¯·½·¨
×÷Õߣºxmllover 2007-11-29
²éѯËÙ¶ÈÂýµÄÔÒòºÜ¶à£¬³£¼ûÈçϼ¸ÖÖ
1¡¢Ã»ÓÐË÷Òý»òÕßûÓÐÓõ½Ë÷Òý(ÕâÊDzéѯÂý×î³£¼ûµÄÎÊÌ⣬ÊdzÌÐòÉè¼ÆµÄȱÏÝ)
2¡¢I/OÍÌÍÂÁ¿Ð¡£¬ÐγÉÁËÆ¿¾±Ð§Ó¦¡£
3¡¢Ã»Óд´½¨¼ÆËãÁе¼Ö²éѯ²»ÓÅ»¯¡£
4¡¢ÄÚ´æ ......
ÔÚSQL Server 2005 Express Éϸ½¼Ó´ÓÁíÍâһ̨µçÄÔCopy¹ýÀ´µÄÊý¾Ý¿âºó£¬Êý¾Ý¿âΪ“Ö»¶Á”¡£
½â¾ö°ì·¨£º
´ò¿ª SQL Server Configuration Manager, ´ò¿ªSQL Server SQLEXPRESS µÄÊôÐÔ
ÔÚÄÚÖÃÕʺŴ¦£¬°Ñ“ÍøÂç·þÎñ”¸Ä³É“±¾µØϵͳ”£¬ÖØÐÂÆô¶¯SQL Server 2005 Express ºó£¬ÔÙ¸½¼ÓÊý¾Ý ......
Ç°¼¸ÌìΪÖÆ×÷Ò»¸öÍøÕ¾£¬ÐèÒª´ÓACCESSתÖÁSQLSERVER£¬´ÓÍøÕ¾Éϲ鿴Á˺ܶàµÄ×ÊÁÏ£¬µ«¾õµÃûÓÐÒ»¸öÄܹ»È«Ã渲¸ÇÒªµãµÄ£¬ËùÒÔÎÒ×ܽáһϣ¬Ë³±ã
¸ø³öһЩ¾Ñé¡£
Ê×ÏÈÈç¹ûÒ»¿ªÊ¼¾ÍÐèÒªÖÆ×÷SQLSERVERµÄÍøÕ¾£¬ÄÇô×îºÃ½«ÄãµÄ°®»ú×°ÉÏWINDOWS2000»òÕß2003ÕâÑùµÄSERVER°æ£¬ÕâÑùµÄ°æ±¾ÊÇÖ§³Ö
SQLSERVERÕýʽ ......
