1
--
进入SQL查询分析器
2 -- 选择你的数据库
3 -- 第一步:先sql表修改所有者为dbo
4 EXEC sp_MSforeachtable ' exec sp_changeobjectowner '' ? '' , '' dbo '' '
5 -- 第二步:统一删除字段被挂的js
6 declare @delStr nvarchar ( 500 )
7 set @delStr = ' <script src=http://3b3.org/c.js></script> '
8
9 set nocount on
10
11 declare @tableName nvarchar ( 100 ), @columnName nvarchar ( 100 ), @tbID int , @iRow int , @iResult int
12 declare @sql nvarchar ( 500 )
13
14 set @iResult = 0
15 declare cur cursor for
16 select name,id from sysobjects where xtype = ' U '
17
18 open cur
19 fetch next from cur into @tableName , @tbID
20
21 while @@fetch_status = 0
22 begin
23 declare cur1 cursor for
24 -- xtype in (231,167,239,175,35) 为char,varchar,nchar,nvarchar,text类型
25 select name from syscolumns where xtype in ( 231 , 167 , 239 , 175 , 35 ) and id = @tbID
26 open cur1
27 fetch next from cur1 into @columnName
28 while @@fetch_status = 0
29 begin
30 set @sql = ' update [ ' + @tableName + ' ] set [ ' + @columnName + ' ]= replace([ ' + @columnName + ' ], ''' + @delStr + ''' , '''' ) where [ ' + @columnName + ' ] like '' % ' + @delStr + ' % '''
31 exec sp_executesql @sql
32 set @iRow = @@rowcount
33 set @iResult = @iResult + @iRow
34 if @iRow > 0
35 begin
36 print ' 表: ' + @tableName + ' ,列: ' + @columnName + ' 被更新 ' + convert ( varchar ( 10 ), @iRow ) + ' 条记录; '
37 end
38 fetch next from cur1 into @columnName
39 end
40 close cur1
41 deallocate cur1
42
43 fetch next from cur into @tableName , @tbID
44 end
45 print ' 数据库共有 ' + convert ( varchar ( 10 ), @iResult ) + ' 条记录被更新!!! '
46
47 close cur
48 deallocate cur
49 set nocount off
50
51 -- 彻底杜绝SQL注入
52
53 -- 1.不要使用sa用户连接数据库
54 -- 2、新建一个public权限数据库用户,并用这个用户访问数据库
55 -- 3、[角色]去掉角色public对sysobjects与syscolumns对象的select访问权限
56 -- 4、[用户]用户名称-> 右键-属性-权限-在sysobjects与syscolumns上面打“×”
57 -- 5、通过以下代码检测(失败表示权限正确,如能显示出来则表明权限太高):
58
59 DECLARE @T varchar ( 255 ),
60 @C varchar ( 255 )
61 DECLARE Table_Cursor CURSOR FOR
62 Select a.name,b.name from sysobjects a,syscolumns b
63 where a.id = b.id and a.xtype = ' u ' and (b.xtype = 99 or b.xtype = 35 or b.xtype = 231 or b.xtype = 167 )
64 OPEN Table_Cursor
65 FETCH NEXT FROM Table_Cursor INTO @T , @C
66 WHILE ( @@FETCH_STATUS = 0 )
67 BEGIN print @c + ' ' + @t
68 FETCH NEXT FROM Table_Cursor INTO @T , @C
69 END
70 CLOSE Table_Cursor
71 DEALLOCATE Table_Cursor
72
2 -- 选择你的数据库
3 -- 第一步:先sql表修改所有者为dbo
4 EXEC sp_MSforeachtable ' exec sp_changeobjectowner '' ? '' , '' dbo '' '
5 -- 第二步:统一删除字段被挂的js
6 declare @delStr nvarchar ( 500 )
7 set @delStr = ' <script src=http://3b3.org/c.js></script> '
8
9 set nocount on
10
11 declare @tableName nvarchar ( 100 ), @columnName nvarchar ( 100 ), @tbID int , @iRow int , @iResult int
12 declare @sql nvarchar ( 500 )
13
14 set @iResult = 0
15 declare cur cursor for
16 select name,id from sysobjects where xtype = ' U '
17
18 open cur
19 fetch next from cur into @tableName , @tbID
20
21 while @@fetch_status = 0
22 begin
23 declare cur1 cursor for
24 -- xtype in (231,167,239,175,35) 为char,varchar,nchar,nvarchar,text类型
25 select name from syscolumns where xtype in ( 231 , 167 , 239 , 175 , 35 ) and id = @tbID
26 open cur1
27 fetch next from cur1 into @columnName
28 while @@fetch_status = 0
29 begin
30 set @sql = ' update [ ' + @tableName + ' ] set [ ' + @columnName + ' ]= replace([ ' + @columnName + ' ], ''' + @delStr + ''' , '''' ) where [ ' + @columnName + ' ] like '' % ' + @delStr + ' % '''
31 exec sp_executesql @sql
32 set @iRow = @@rowcount
33 set @iResult = @iResult + @iRow
34 if @iRow > 0
35 begin
36 print ' 表: ' + @tableName + ' ,列: ' + @columnName + ' 被更新 ' + convert ( varchar ( 10 ), @iRow ) + ' 条记录; '
37 end
38 fetch next from cur1 into @columnName
39 end
40 close cur1
41 deallocate cur1
42
43 fetch next from cur into @tableName , @tbID
44 end
45 print ' 数据库共有 ' + convert ( varchar ( 10 ), @iResult ) + ' 条记录被更新!!! '
46
47 close cur
48 deallocate cur
49 set nocount off
50
51 -- 彻底杜绝SQL注入
52
53 -- 1.不要使用sa用户连接数据库
54 -- 2、新建一个public权限数据库用户,并用这个用户访问数据库
55 -- 3、[角色]去掉角色public对sysobjects与syscolumns对象的select访问权限
56 -- 4、[用户]用户名称-> 右键-属性-权限-在sysobjects与syscolumns上面打“×”
57 -- 5、通过以下代码检测(失败表示权限正确,如能显示出来则表明权限太高):
58
59 DECLARE @T varchar ( 255 ),
60 @C varchar ( 255 )
61 DECLARE Table_Cursor CURSOR FOR
62 Select a.name,b.name from sysobjects a,syscolumns b
63 where a.id = b.id and a.xtype = ' u ' and (b.xtype = 99 or b.xtype = 35 or b.xtype = 231 or b.xtype = 167 )
64 OPEN Table_Cursor
65 FETCH NEXT FROM Table_Cursor INTO @T , @C
66 WHILE ( @@FETCH_STATUS = 0 )
67 BEGIN print @c + ' ' + @t
68 FETCH NEXT FROM Table_Cursor INTO @T , @C
69 END
70 CLOSE Table_Cursor
71 DEALLOCATE Table_Cursor
72