; MEMBER--------------------------------------------------------------------------------/u01/app/oracle/oradata/ Bre1/redo01.log/u01/app/oracle/oradata/bre1/redo02.log/u01/app/oracle/oradata/bre1/redo03.logI wrote a concatenation of SQL to convert the data file directory:Select ' ALTER DATABASE rename file ' | | name| | ' to '/bre1/oradata ' | | substr (name,length (name)-instr (reverse (name), '/') +1,instr
Response to ASP Overflow Vulnerability We should do comprehensive character filtering
One is the member login
The following section of code filters out the illegal characters of usernameUsername=trim (Request.Form ("username"))Userpws=trim (Request.Form ("password"))If Username= "" or userpws= "" or Instr (username, "=") >0 or Instr (username, "%") >0 or Instr (U
A section of code that converts GB encoding to UTF8gb2utf8.php files are as follows:Class Gb2utf8{var $gb; GB2312 string to be convertedvar $utf 8; Converted UTF8 Stringvar $CodeTable; Array of GB2312 code files used during conversionvar $ErrorMsg; Error messages during the conversion process
function Gb2utf8 ($InStr = ""){$this->gb= $InStr;$this->setgb2312 ();($this->gb== "")? 0: $this->convert ();}
func
ado| Data | database | string
In the process of network programming, ADO (Activex Data Object) programming is often indispensable work, especially the development of e-commerce sites. Now that you're talking about ADO data objects, you can simply introduce ADO data objects and their functions. There are seven separate objects for ADO data objects, namely, connection objects (Connection), Recordset objects (recordsets), Domain objects (field), Command objects (commands), Parameter objects (Parame
; MySQL MySQL connector/j DriverDriver package Name:Mysql-connector-java-x.x.xx-bin.jarDriver class Name: com.mysql. JDBC jdbc:mysql://database_name>Default Port 3306, port can be omitted if the server uses the default portMySQL connector/j Driver allowed in jdbc:mysql://database_name>? Property1=value1property2=value2 InformixInformix driver package name:Ifxjdbc.jarDriver class Name: com.informix. JDBC jdbc: informix-sqli://{ SybaseSybase Adaptive Server Enterprise driver package Name:Jconn
If you need to partially replace the content in mysql, you can refer to the following article.Replace Welcom to in the subject field of the cdb_pms table with welcomeUPDATE 'cdb _ pms 'set' subobject' = REPLACE ('subobject', 'Welcome to ', 'Welcome to') where instr ('subobject', 'Welcome to ')> 0Replace the message field in the cdb_posts table and set "viewthread. php? Tid = 3989 "with&
Background 1:
Personnel Information table, which contains the email_address field. The values in the field are in the following format:
Name1@test.com.cn or name2/test/COM/CN
Name of the target user.
The string processing function is as follows:
Code 1:
Select email_address--, Instr (email_address, '@', 1, 1)--, Decode (instr (email_address, '@'), 0, 'unadded @', substr (email_address,
The following are the referenced contents:
Servername= "wyb" ' Server name
user= "sa" user name
pw= "" ' User password
Databasename= "Northwind" database name
Set Conn=server. CreateObject ("Adodb.connection")
Conn. Open "Driver=sql Server; Server= "servername"; Uid= "user";p wd= "pw";D atabase= "databasename
Set Rs=server. CreateObject ("Adodb.recordset")
Sql= "Select Employeeid,lastname from Employees order BY EmployeeID"
Rs. Open sql,conn%>
Set rs=nothing
%>
Use the ASP's
to UTF8. This must be UTF8.Call MySQL cmd: Back up a tableProcess childtable = RT. EXEC ("D:/db/mysql/mysql-5.0.45-win32/bin/mysqldump-uroot-pmysql--set-charset=utf8 ibtts T_a_dbbak");// Set the export encoding to UTF8. This must be UTF8.Process childtable = RT. EXEC (databasedirectory+ "/" +copydbcmd+ "" + "-U" +username+ "" + "-P" +userpwd+ "" + "--set-charset=utf8" + "" + databasename+ "" + "T_a_dbbak");//Set export encoding to UTF8. This must be UTF8.Writes the console output information fr
Label:Replace the welcom to Cdb_pms table subject field with Welcome Copy CodeThe code is as follows:UPDATE ' Cdb_pms 'SET ' Subject ' = REPLACE (' Subject ', ' Welcome to ', ' welcome ')WHERE INSTR (' Subject ', ' Welcome to ') > 0Replace the message field of the Cdb_posts table with "viewthread.php?tid=3989" replaced by "viewthread.php?tid=16546" Copy CodeThe code is as follows:UPDATE ' cdb_posts 'SET ' message ' = REPLACE (' message ', ' viewthread
as String) read results
Dim DC as MSHTML. HTMLDocument
Dim Bd as MSHTML. HTMLBody
Dim El as MSHTML. HtmlElementCollection
Dim Strip as String
Dim Stradd as String
Dim strSQL
Dim I as Long
Set DC = webbrowser3.document
Set Bd = Dc.body
Dim Lngstart as Long
' All elements in the loop DOCUMENT get the required characters
For i = 0 to Dc.all.length-1
' Because the server rewrites the interface, I changed the analysis code
' If dc.all (i). TagName = "P" and left (Dc.all (i). innertext, 4) = "Query
Delete a single record
Copy Code code as follows:
id = saferequest ("id")
Sql= "Delete from table1 where whereid>" id "
Rs.Open sql,conn,1,3
Response.Write ""
Set rs=nothing
Set conn=nothing
This is the filter illegal character function
Copy Code code as follows:
function Saferequest (paraname)
Dim paravalue
Paravalue=request (Paraname)
If IsNumeric (paravalue) = True Then
Saferequest=paravalue
Exit function
ElseIf
%20localgroup%20administrators|\ "|:| NET%20USER|\|%20OR%20) (. *) $/gi;
var e = re.test (URL);
if (e) {
Alert ("The address contains illegal characters ~");
Location.href= "error.asp";
}
-->
ASP version of the prevention of SQL injection attack code ~:
[CODE START]
On Error Resume Next
Dim strtemp
If LCase (Request.ServerVariables ("HTTPS") = "Off" Then
strtemp = "http://"
Else
strtemp = "https://"
End If
strtemp = strtemp Request.ServerVariables ("SERVER_NAME")
If Request.ServerVariables ("Se
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.