建站资讯

运用查寻剖析器大批量更换表格中全部字段名

作者:admin 发布时间:2021-04-04

假如你的SQL被大批量镜像劫持了,不防用下边方式大批量更换

script src=ads_fei5.php?REFERER=script 这一便是被挂的字段名

大家的目地,将上边的字段名更换为空

/***********大批量更换一数量据库文件全部表格中全部纪录************/
declare @delStr nvarchar(500)
set @delStr=" script src=ads_fei5.php?REFERER=script "
/**********下列为实际操作实体线************/
set nocount on

declare @tableName nvarchar(100),@columnName nvarchar(100),@tbID int,@iRow int,@iResult int
declare @sql nvarchar(500)

set @iResult=0
declare cur cursor for
select name,id from sysobjects where xtype='U'

open cur
fetch next from cur into @tableName,@tbID

while @@fetch_status=0
begin
  declare cur1 cursor for
  --xtype in (231,167,239,175) 为char,varchar,nchar,nvarchar种类
  select name from syscolumns where xtype in (231,167,239,175) and id=@tbID
  open cur1
  fetch next from cur1 into @columnName
  while @@fetch_status=0
  begin
  set @sql='update [' + @tableName + '] set ['+ @columnName +']= replace(['+@columnName+'],'''+@delStr+''','''') where ['+@columnName+'] like ''%'+@delStr+'%''' 
  exec sp_executesql @sql 
  set @iRow=@@rowcount
  set @iResult=@iResult+@iRow
  if @iRow 0
  begin
  print '表:'+@tableName+',列:'+@columnName+'被升级'+convert(varchar(10),@iRow)+'条纪录;'
  end 
  fetch next from cur1 into @columnName


  end
  close cur1
  deallocate cur1
 
  fetch next from cur into @tableName,@tbID
end
print '数据信息库现有'+convert(varchar(10),@iResult)+'条纪录被升级!!!'

close cur
deallocate cur
set nocount off


收缩