/*sql.Format(_T("delete from SELLINFO where Merchandise ='%s'"), m_name); m_pConnection->Execute((_bstr_t)sql, NULL, adCmdText); m_list.DeleteItem(pos);*/
// Verify the SQL injection problem: the earlier version (commented out above and below)
// formatted m_name straight into the statement text, so a value like "1' OR '1'='1"
// rewrote the WHERE clause instead of being compared as a merchandise name.
//_ConnectionPtr
//sql = _T( "select * from SellInfo where Merchandise = '1' OR '1'='1' ");
// CString m_name = "1' OR '1'='1";
// sql.Format("delete from SellInfo where Merchandise = '%s'", m_name);
// m_pConnection->Execute((_bstr_t)sql, NULL, adCmdText);
//pCommand->CommandText="delete from SELLINFO where Merchandise = '%s'";
// Parameterized replacement: the value travels as a bound parameter, never as statement text.
_CommandPtr pCommand(__uuidof(Command));
m_pRecordset.CreateInstance(__uuidof(Recordset)); // NOTE(review): Execute() below assigns a new recordset, so this instance is replaced right away
pCommand->CommandText="delete from SELLINFO where Merchandise = ? "; // '?' marks the value the provider binds the parameter to
//pCommand->CommandText="delete from SELLINFO where ? "; // a placeholder can only stand for a value, not for the whole predicate
pCommand->Parameters->Refresh(); // NOTE(review): Refresh asks the provider for the parameter list; appending another parameter afterwards may duplicate it — confirm with the provider in use
//_ParameterPtr param=pCommand->CreateParameter(_bstr_t("121"), adBSTR,adParamInput,strlen("121"), "121");
// The probe string is passed as the parameter VALUE, so the DELETE only matches rows whose
// Merchandise equals that exact text; the OR never becomes part of the SQL.
_ParameterPtr param=pCommand->CreateParameter(_bstr_t(" '1' OR '1'='1' "), adBSTR,adParamInput,strlen(" '1' OR '1'='1' ")," '1' OR '1'='1' ");
pCommand->Parameters->Append(param);
//pCommand->CommandText=" delete from SELLINFO where Merchandise = '1' OR '1'='1' "; -> must not build the SQL by string concatenation
pCommand->ActiveConnection=m_pConnection; // assumes m_pConnection is an already-open _ConnectionPtr member
pCommand->CommandType=adCmdText;
// MessageBox("exe before");
m_pRecordset=pCommand->Execute(NULL,NULL,adCmdText); // runs the DELETE with the bound parameter; a DELETE returns no rows
MessageBox("over"); // shows "over" once Execute has returned
不要直接用用户输入的数据拼接 SQL。如果输入中包含恶意字符，攻击者就能把语句补全成 `delete from SELLINFO where Merchandise = '1' OR '1'='1'` 并执行，导致数据全部被删除。
// Intentionally vulnerable example (string-built SQL): %s is substituted unquoted, so the
// contents of m_name become part of the WHERE clause instead of a compared value. With this
// m_name the statement sent is  delete from SellInfo where Merchandise =  '1' OR '1'='1'
// which is true for every row, so the whole table is emptied. A value that can come from
// user input must be bound as a Command parameter ('?' placeholder), never formatted in.
CString m_name = " '1' OR '1'='1' ";
sql.Format("delete from SellInfo where Merchandise = %s ", m_name); // assumes sql is a CString declared earlier
m_pConnection->Execute((_bstr_t)sql, NULL, adCmdText); // the text is executed as-is: the provider cannot tell data from SQL here
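try{
// Intentionally vulnerable example (string-built SQL): the closing quote is supplied by the
// input itself, so everything after it is parsed as SQL rather than compared as a value, and
// the DELETE no longer matches a single merchandise name. Bind user-supplied values as
// Command parameters ('?' placeholder) instead of formatting them into the statement text.
CString m_name = " 1' OR '1'='1 ";
sql.Format("delete from SellInfo where Merchandise = '%s' ", m_name); // assumes sql is a CString declared earlier
m_pConnection->Execute((_bstr_t)sql, NULL, adCmdText);
}
catch(const _com_error& e) // catch by const reference, not by value
{
AfxMessageBox(e.Description()); // surface the provider's error text and abandon the operation
return;
}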
上面这段代码同样会导致数据全部被删除。
---------------
VC++中使用MFC通过ADO连接数据库方法小结(不包括异常的捕捉)
这里主要讲 MFC 与 ACCESS 数据库的连接（SQL 2000 的方法差不多，主要是连接字符串不同）。
1、在StdAfx.h头文件中加入此句子
#import "C:\Program Files\Common Files\System\ado\msado15.dll" no_namespace rename("EOF","rsEOF") // import the ADO type library without a namespace; its EOF property is renamed rsEOF so it does not collide with the C stdio EOF macro
这句话意味着使用 msado15.dll 动态链接库文件，ADO 就包含在其中。
2、实现从数据库中提取显示数据 CoInitialize(NULL); //初始化COM组件
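// NOTE: CoInitialize(NULL) is called on the line above; this run ends with the matching CoUninitialize().
_ConnectionPtr pConn(__uuidof(Connection)); // Connection object
_RecordsetPtr pRst(__uuidof(Recordset));    // Recordset object that receives the query result
_CommandPtr pCmd(__uuidof(Command));        // Command object that runs the SELECT
// Connect through pConn: Jet 4.0 provider, database file student.mdb. The file name is relative
// (the original note places the .mdb in the root of C:, presumably the working directory — confirm).
pConn->ConnectionString="Provider=MIcrosoft.Jet.OLEDB.4.0;Data source=student.mdb";
// The connection must be open before a Command can execute on it (sections 3 and 4 open it the same way).
pConn->Open("","","",adConnectUnspecified);
pCmd->ActiveConnection = pConn;         // bind the command to the open connection
pCmd->CommandText="SELECT * FROM stu";  // the query run through pCmd
pRst=pCmd->Execute(NULL,NULL,adCmdText);
// Copy the 学号 column of every row into the IDC_LIST1 list box.
CListBox* pList = static_cast<CListBox*>(GetDlgItem(IDC_LIST1));
while(!pRst->rsEOF) {
    // NOTE(review): converting a NULL cell to _bstr_t would throw _com_error — confirm the column is NOT NULL
    _bstr_t cell(pRst->GetCollect("学号"));
    pList->AddString(cell);
    pRst->MoveNext(); // advance one row
}
pRst->Close(); // close the recordset, then the connection
pConn->Close();
pCmd.Release(); // release the COM objects before CoUninitialize()
pRst.Release();
pConn.Release();
CoUninitialize(); // unload COM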
3、实现插入记录 CoInitialize(NULL);
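// NOTE: CoInitialize(NULL) is called on the line above; this run ends with the matching CoUninitialize().
_ConnectionPtr pConn(__uuidof(Connection));
_RecordsetPtr pRst(__uuidof(Recordset)); // receives whatever Execute returns (an INSERT yields no rows)
_variant_t RecordsAffected;              // receives the number of rows the INSERT affected
// No Command object is needed here: Connection::Execute runs the statement text directly.
pConn->ConnectionString="Provider=MIcrosoft.Jet.OLEDB.4.0;Data source=student.mdb";
pConn->Open("","","",adConnectUnspecified);
// Fixed literal values only. A value that comes from the UI must be bound as a Command
// parameter ('?' placeholder), never formatted into this string.
pRst=pConn->Execute("INSERT INTO stu (学号,姓名,电话) VALUES ('2222','dddd','123456')",&RecordsAffected,adCmdText);
//pRst->Close(); // the insert still happens with this line, but a runtime error is raised — presumably because the recordset Execute returned is already closed; confirm
pConn->Close();
pRst.Release();
pConn.Release();
CoUninitialize();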
4、实现删除记录
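CoInitialize(NULL); // initialise COM for this thread; matched by CoUninitialize() at the end
_ConnectionPtr pConn(__uuidof(Connection));
_RecordsetPtr pRst(__uuidof(Recordset)); // receives whatever Execute returns (a DELETE yields no rows)
_variant_t RecordsAffected;              // receives the number of rows the DELETE affected
// No Command object is needed here: Connection::Execute runs the statement text directly.
pConn->ConnectionString="Provider=MIcrosoft.Jet.OLEDB.4.0;Data source=student.mdb";
pConn->Open("","","",adConnectUnspecified);
// The key '2' is a fixed literal. If it ever comes from user input, bind it as a Command
// parameter ('?' placeholder) instead of formatting it into the string; otherwise the input
// can rewrite the WHERE clause and remove every row.
pRst=pConn->Execute("DELETE FROM stu WHERE 学号='2'",&RecordsAffected,adCmdText);
pConn->Close();
pRst.Release();
pConn.Release();
CoUninitialize();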