Ò׽ؽØÍ¼Èí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

javaʱ¼äº¯Êý£¬ÒÔ¼° sql ʱ¼ä·¶Î§²éÕÒ ´úÂë

 String keyword = request.getParameter("keyword");
   String timeRange = request.getParameter("timeRange");
   String type = request.getParameter("type");
  
   StringBuffer sql = new StringBuffer();
   sql.append("use webstation_leadall select f.id,f.title,f.publishtime from information f left join infotype t on f.typeid=t.id  where ");
   if( (keyword == null)|| (keyword.equals("")) ){  
   sql.append("title like '%' and ");
  }else {
   sql.append("title like '%"+keyword +"%' and ");
  }
  
  if(timeRange.equals("")||timeRange==null){
   sql.append("");
  }else{
   //Calendar cal = Calendar.getInstance();
   SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd kk:mm:ss");
      //String now = sdf.format(cal.getTime());
   String begintime = "";
   String endtime = "";
   java.util.Date myDate=new java.util.Date();
   long myTime = 0;
   if(timeRange.equals("1")){
    myTime=((myDate.getTime()/1000)-60*60*24)*1000;
    begintime = sdf.format(new   java.util.Date(myTime));
    endtime = sdf.format(myDate);
    //System.out.println("------"+begintime+"+++++"+endtime);
   }else if(timeRange.equals("3")){
    myTime=((myDate.getTime()/1000)-60*60*24*3)*1000;
    begintime = sdf.format(new   java.util.Date(myTime));
    endtime = sdf.format(myDate);
    //System.out.println("------"+begintime+"+++++"+endtime);
   }else if(timeRange.equals("7")){
    myTime=((myDate.getTime()/1000)-60*60*24*7)*1000;
 &n


Ïà¹ØÎĵµ£º

¾­µäÓÐÓõÄSQLÓï¾äÊÕ¼¯

1.˵Ã÷£º¸´ÖƱí(Ö»¸´Öƽṹ,Ô´±íÃû£ºa бíÃû£ºb)
SQL: select * into b from a where 11
2.˵Ã÷£º¿½±´±í(¿½±´Êý¾Ý,Ô´±íÃû£ºa Ä¿±ê±íÃû£ºb)
SQL: insert into b(a, b, c) select d,e,f from a;
3.˵Ã÷£ºÏÔʾÎÄÕ¡¢Ìá½»È˺Í×îºó»Ø¸´Ê±¼ä
SQL: select a.title,a.username,b.adddate from table a,(select max(adddat ......

SQL²éѯÓï¾äʹÓÃ

Ò»¡¢¼òµ¥²éѯ
¡¡¡¡ ¼òµ¥µÄTransact-SQL²éѯֻ°üÀ¨Ñ¡ÔñÁÐ±í¡¢from×Ó¾äºÍWHERE×Ӿ䡣
ËüÃÇ·Ö±ð˵Ã÷Ëù²éѯÁС¢²éѯµÄ
±í»òÊÓͼ¡¢ÒÔ¼°ËÑË÷Ìõ¼þµÈ¡£
ÀýÈ磬ÏÂÃæµÄÓï¾ä²éѯtesttable±íÖÐÐÕÃûΪ“ÕÅÈý”µÄnickname×ֶκÍemail×ֶΡ£
SELECT nickname,email
from testtable WHERE name='ÕÅÈý'
(Ò»)Ñ¡ÔñÁбí
¡ ......

sql È¥¿Õ¸ñÓëÁ¬½ÓÌØÊâ×Ö·û

ÔÚ·Ö×éÅÅÐò¹ý³ÌÖÐÐèҪн¨ÅÅÐòÁУ¬°´Ìõ¼þ:(ÎïÁÏ·ÖÀà+¿Í»§Ãû³Æ) ½øÐзÖ×é»ã×Ü È»ºó¾Í¸ù¾Ý¸ÃÌõ¼þ½øÐÐÅÅÐò
1.ÐèҪƴ´ÕÁ½ÁÐ ×÷ΪÅÅÐòÁÐ,ÈçÐè¼ÓÈëÌØÊâ×Ö·û.¾Í»á±¨´í.
   ÒòΪ±¾Éí¸Ä×ֶξÍÊÇvarcharÀàÐÍ ÐèÒª½«charÀàÐÍ'_' ת»»³Évarchar
2.Æ´´Õ¹ý³ÌÖÐÓпոñÐèҪȥ¿Õ¸ñ
 e.g£ºselect (trim(ÎïÁÏ·ÖÀà)+to_char( ......

С²¼×÷Æ·£ºSQL*PlusʹÓÃÅàѵ (È«8½²)

==============================================
 
µÚ1½²
ÔÚÏß¹Û¿´£º http://www.boobooke.com/v/bbk1389
ÊÓÆµÏÂÔØ£º http://www.boobooke.com/v/bbk1389.zip
 
µÚ2½²
ÔÚÏß¹Û¿´£º http://www.boobooke.com/v/bbk1390
ÊÓÆµÏÂÔØ£º http://www.boobooke.com/v/bbk1390.zip
 
µÚ3½²
ÔÚÏß¹Û¿´£º http ......

¼¼Çɺ;÷ÇÏ£º·À·¶SQL×¢Èë¹¥»÷

¡¾Ô­ÎĵØÖ·¡¿Tip/Trick: Guard Against SQL Injection Attacks
¡¾Ô­ÎÄ·¢±íÈÕÆÚ¡¿ Saturday, September 30, 2006 9:11 AM
SQL×¢Èë¹¥»÷ÊǷdz£ÁîÈËÌÖÑáµÄ°²È«Â©¶´£¬ÊÇËùÓеÄweb¿ª·¢ÈËÔ±£¬²»¹ÜÊÇʲôƽ̨£¬¼¼Êõ£¬»¹ÊÇÊý¾Ý²ã£¬ÐèҪȷÐÅËûÃÇÀí½âºÍ·ÀÖ¹µÄ¶«Î÷¡£²»ÐÒµÄÊÇ£¬¿ª·¢ÈËÔ±ÍùÍù²»¼¯Öл¨µãʱ¼äÔÚÕâÉÏÃæ£¬ÒÔÖÁËûÃǵÄÓ¦Ó㬠......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØÍ¼ | ¸ÓICP±¸09004571ºÅ