1.第一種情況是 需要將指定的 注入字串全部替換掉(僅替換注入的字串為空白)
declare @delStr nvarchar(500) set @delStr='<script src=http://www.bKjia.c0m/js/common.js></script>' --這裡被注入的欄位串 /****************************************//**********以下為操作實體************/ set nocount ondeclare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int declare @sql nvarchar(2000)set @iResult=0 declare cur cursor for select name,id from sysobjects where xtype='U'open cur fetch next from cur into @tableName,@tbIDwhile @@fetch_status=0 begin declare cur1 cursor for select name from syscolumns where xtype in (231,167,239,175, 35, 99) and id=@tbID open cur1 fetch next from cur1 into @columnName while @@fetch_status=0 begin set @sql='update [' + @tableName + '] set ['+ @columnName +']= SUBSTRING([' + @columnName + '],' + '1, PATINDEX( ''%' + @delStr + '%'', [' + @columnName + '])-1) + ' + 'SUBSTRING([' + @columnName + '], PATINDEX( ''%' + @delStr + '%'', [' + @columnName + ']) + ' + 'len(''' + @delStr + ''') , datalength([' + @columnName + '])) where ['+@columnName+'] like ''%'+@delStr+'%'''exec sp_executesql @sql set @iRow=@@rowcount set @iResult=@iResult+@iRow if @iRow>0 begin print '表:'+@tableName+',列:'+@columnName+'被更新'+convert(varchar(10),@iRow)+'條記錄;' end fetch next from cur1 into @columnNameend close cur1 deallocate cur1fetch next from cur into @tableName,@tbID end print '資料庫教程共有'+convert(varchar(10),@iResult)+'條記錄被更新!!!'close cur deallocate cur set nocount off
2.第二種是 需要將注入到表中起始位置到最後都刪掉。(此種方法直接找到注入的起始位置,後面的全部刪掉)
--恢複被注入資料庫 --2013-09-26declare @delStr nvarchar(500) set @delStr='</title><style>.' --被注入的欄位串的開始採樣,從此位置後面的資料都為注入資料/**********以下為操作實體************/ set nocount ondeclare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int declare @sql nvarchar(2000)set @iResult=0 declare cur cursor for select name,id from sysobjects where xtype='U'open cur fetch next from cur into @tableName,@tbIDwhile @@fetch_status=0 begin declare cur1 cursor for select name from syscolumns where xtype in (231,167,239,175, 35, 99) and id=@tbID open cur1 fetch next from cur1 into @columnName while @@fetch_status=0 begin set @sql='update [' + @tableName + '] set ['+ @columnName +']= SUBSTRING([' + @columnName + '],1, PATINDEX( ''%' + @delStr + '%'', [' + @columnName + '])-1) where ['+@columnName+'] like ''%'+@delStr+'%'''exec sp_executesql @sql set @iRow=@@rowcount set @iResult=@iResult+@iRow if @iRow>0 begin print '表:'+@tableName+',列:'+@columnName+'被更新'+convert(varchar(10),@iRow)+'條記錄;' end fetch next from cur1 into @columnNameend close cur1 deallocate cur1fetch next from cur into @tableName,@tbID end print '資料庫教程共有'+convert(varchar(10),@iResult)+'條記錄被更新!!!'close cur deallocate cur set nocount off