sql列转行
摘要:1.需要实现一个单行的统计报表思路先用一个union查出单列,然后再把单列转成单行2.实现SELECTMAX(CASE WHEN type = 1 THEN num ELSE 0 END) AS 'GeneralCnt',MAX(CASE WHEN type = 2 THEN num ELSE 0 ...
阅读全文
posted @ 2014-05-07 09:03
随笔分类 - DataBase
SQL注入攻击
摘要:1.错误代码: string id = Request.Params["id"];string sql = "insert into [UserTable]([UserID]) values ('"+id+"')";executeSql(sql)2. 当运行http://localhost:14288/Default.aspx?id=wert') delete from [UserTable] -- UserTable数据被清空了3.做简单替换 string id = Request.Params["
阅读全文
posted @ 2013-01-19 22:13
浙公网安备 33010602011771号