防止页面在跳转的时候被SQL注入
首先写一个SQL注入过滤的类:
/// <summary>
/// Request filter that passes every query-string value and every form value
/// (except the __VIEWSTATE field) to ProcessSqlStr and redirects the request
/// to an error page when a value is rejected.
/// </summary>
/// <remarks>
/// NOTE(review): ProcessSqlStr is not shown in this excerpt; it presumably returns
/// false for values it considers dangerous -- confirm against its definition.
/// NOTE(review): screening request values is at most a secondary layer. It does not
/// replace parameterized queries in the data-access code, and the visible part of
/// this method inspects only QueryString and Form, not other request inputs.
/// </remarks>
public class SqlFilter
{
// The region title below is mis-encoded in this copy; it reads
// "SQL injection attack code analysis".
#region SQL×¢Èëʽ¹¥»÷´úÂë·ÖÎö
/// <summary>
/// Processes the request submitted by the user: checks each query-string and
/// form value with ProcessSqlStr and redirects to the error page on rejection.
/// </summary>
public void StartProcessRequest()
{
string getkeys = "";
string sqlErrorPage = "~/no.html";// error page the request is redirected to
try
{
// Pass 1: values supplied in the URL query string.
if (System.Web.HttpContext.Current.Request.QueryString != null)
{
for (int i = 0; i < System.Web.HttpContext.Current.Request.QueryString.Count; i++)
{
getkeys = System.Web.HttpContext.Current.Request.QueryString.Keys[i];
if (!ProcessSqlStr(System.Web.HttpContext.Current.Request.QueryString[getkeys]))
{
// Redirect with endResponse=false does not abort the current thread, and
// CompleteRequest() only tells the pipeline to skip ahead to EndRequest.
// This method keeps running: no return or break follows in the visible code,
// so the remaining keys and the form pass below are still evaluated.
// NOTE(review): whether page code that consumes the rejected value still runs
// depends on where StartProcessRequest is called from -- confirm that the
// caller stops processing after a rejection.
System.Web.HttpContext.Current.Response.Redirect(sqlErrorPage,false);
System.Web.HttpContext.Current.ApplicationInstance.CompleteRequest();
//System.Web.HttpContext.Current.Response.End();
}
}
}
// Pass 2: values posted in the request body (form fields).
if (System.Web.HttpContext.Current.Request.Form != null)
{
for (int i = 0; i < System.Web.HttpContext.Current.Request.Form.Count; i++)
{
getkeys = System.Web.HttpContext.Current.Request.Form.Keys[i];
// The __VIEWSTATE field is skipped and never passed to ProcessSqlStr
// (presumably because its encoded payload would trip the filter -- confirm).
if (getkeys == "__VIEWSTATE") continue;
if (!ProcessSqlStr(System.Web.HttpContext.Current.Request.Form[getkeys]))
{
// Same rejection handling as the query-string pass: redirect without ending
// the response, then ask the pipeline to complete the request.
System.Web.HttpContext.Current.Response.Redirect(sqlErrorPage,false);
System.Web.HttpContext.Current.ApplicationInstance.CompleteRequest();
//System.Web.HttpContext.Current.Response.End();
// The listing is truncated at this point on the page: the rest of the method,
// including the handler for the try block opened above, is not shown.
文章来源:IT工程技术网, 全文链接:http://www.systhinker.com/html/81/n-11481.html