¹ØÓÚ³ÌÐò´úÂëÖеÄSQLÓï¾ä
ÔÚ³ÌÐòÖÐÓÐЩ²éѯÓï¾äÏà¶Ô½Ï³¤£¬¿ÉÒÔ½«Óï¾äµ¥¶ÀдÔÚÒ»¸öXXX.sqlÎļþÖУ¬ÔÚ³ÌÐòÖжÁÈ¡SQLÎļþ
¾ßÌåÉæ¼°µ½
import java.io.File;
import org.apache.commons.io.FileUtils;
import java.net.URL;
URL resourceUrl = XXXX.class.getClassLoader().getResource(SQL_PATH+sqlName);//SQL_PATH¾ßÌåSQLÎļþ´æÔÚ·¾¶£¬sqlName¼´SQLÎļþÃû£¬ XXXXµ±Ç°Àà
File sqlFile = new File(resourceUrl.getPath()); //¶ÁÈ¡SQLÎļþ
String sql = FileUtils.readFileToString(sqlFile, "UTF-8"); //µÃµ½SQLÓï¾ä
Ïà¹ØÎĵµ£º
----start
¶¯Ì¬SQLÊÇÔÚ³ÌÐòÔËÐÐʱ¹¹ÔìµÄ£¬ÒªÖ´Ðе¥ÌõSQL£¬Ê¹ÓÃEXECUTE IMMEDATE Óï¾ä£»µ±ÅúÁ¿Ö´ÐÐSQLʱ£¬ÏÈʹÓÃPREPARE Óï¾ä¹¹ÔìSQL£¬È»ºóʹÓÃEXECUTE Óï¾äÖ´ÐС£
Ò»£ºPrepareÓï¾ä£ºÓÃÀ´¹¹ÔìÅúÁ¿SQL
Óï·¨£º
PREPARE <sql-statement> [OUTPUT] INTO <result> [INPUT INTO] <input> ......
Google dorks sql injection:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:Play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:Pageid=
inurl:game ......
°²×°SQL Server2005 ÎÊÌâÐÅÏ¢£º
“SQL Server °²×°³ÌÐòÎÞ·¨»ñÈ¡ ASPNET ÕÊ»§µÄϵͳÕÊ»§ÐÅÏ¢”
½â¾ö°ì·¨£º
ÓÃaspnet_regiisʵÓù¤¾ßжÔغÍÖØа²×°Ò»Ï¾ͿÉÒÔÁË¡£
¾ßÌåµÄ²Ù×÷£º
1¡¢½øÈëCMD£º
C:\windows\microsoft.net\framework\v2.0.50727Îļþ¼ÐÏ£¬ÔËÐÐaspnet_regiis -uжÔØ
È»ºóÔËÐÐaspnet_regiis -i Ö ......
Cross Applyʹ±í¿ÉÒԺͱíÖµº¯Êý½á¹û½øÐÐjoin, ÕâÑù±íÖµº¯ÊýµÄ²ÎÊý¾Í¿ÉÒÔʹÓÃÒ»¸ö½á¹û¼¯£¬¶ø²»ÊÇÒ»¸ö±êÁ¿Öµ£¬ÏÂÃæÊÇbook onlineµÄÔÎÄ£¬ÓÐÀý×Ó£¬ÓнâÊÍ¡£
The APPLY operator allows you to invoke a table-valued function for each row returned by an outer table expression of a query. The table-valued function act ......
ÔÎĵØÖ·£ºhttp://www.cnblogs.com/changhai0605/articles/1276319.html
OracleµÄÇë²Î¿¼£ºhttp://zonghl8006.blog.163.com/blog/static/4528311520083995931317/
1.¼ò½é£º
SQL Server 2005ÖÐÐÂÔöµÄ´°¿Úº¯Êý°ïÖúÄãѸËٲ鿴²»Í¬¼¶±ðµÄ¾ÛºÏ£¬Í¨¹ýËü¿ÉÒԷdz£·½±ãµØÀÛ¼Æ×ÜÊý¡¢Òƶ¯Æ½¾ùÖµ¡¢ÒÔ¼°Ö´ÐÐÆäËü¼ÆËã¡£
´°¿Úº¯Êý¹¦ÄÜ·Ç ......
