仓酷云

 找回密码
 立即注册
搜索
热搜: 活动 交友 discuz
查看: 2073|回复: 9
打印 上一主题 下一主题

[学习教程] MSSQL网站制作之怎样将全文检索中的“搅扰词”往除

[复制链接]
蒙在股里 该用户已被删除
跳转到指定楼层
楼主
发表于 2015-1-16 22:27:52 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有帐号?立即注册

x
mysql使用内部操作字符集gbk来进行操作,即执行"SELECT*FROMtestWHEREname=xxxor1=1/*LIMIT1";从而注入成功全文检索
包含以下内容,然后挪用:remove_noise_word()便可



<SCRIPTLANGUAGE=javascript>
<!--
noise_word_list_ch=newArray("?","about","$","1","2","3","4","5","6","7","8","9","0","_",
"a","b","c","d","e","f","g","h","i","j","k","l","m","n","o",
"p","q","r","s","t","u","v","w","x","y","z","after","all","also",
"an","and","another","any","are","as","at","be","because","been",
"before","being","between","both","but","by","came","can","come",
"could","did","do","each","for","from","get","got","had","has",
"have","he","her","here","him","himself","his","how","if","in","into",
"is","it","like","make","many","me","might","more","most","much","must",
"my","never","now","of","on","only","or","other","our","out","over","said",
"same","see","should","since","some","still","such","take","than","that",
"the","their","them","then","there","these","they","this","those","through",
"to","too","under","up","very","was","way","we","well","were","what","where",
"which","while","who","with","would","you","your",
"的","一","不","在","人","有","是","为","以","于","上","他","而","后","之","来",
"及","了","因","下","可","到","由","这","与","也","此","但","并","个","其","已",
"无","小","我","们","起","最","再","今","往","好","只","又","或","很","亦","某",
"把","那","你","乃","它");

functiontrim_str_key(inputVal){
inputStr=inputVal.toString()
while((inputStr.charAt(inputStr.length-1)=="")||(inputStr.charAt(0)=="")){

//假如最右侧为空格则删往
if(inputStr.charAt(inputStr.length-1)==""){
inputStr=inputStr.substring(0,inputStr.length-1)
}
//假如最右边为空格则删往
if(inputStr.charAt(0)==""){
inputStr=inputStr.substring(1,inputStr.length)
}
}
returninputStr
}

functionis_ch_noise_word(str_key){
varkey_word=trim_str_key(str_key);
key_word=key_word.toLowerCase();
varlistlength=noise_word_list_ch.length;
vartmp_str="";
for(i=0;i<listlength;i++){
tmp_str=noise_word_list_ch[i]
if(tmp_str==key_word){
returntrue;
}
}
returnfalse;
}

functionremove_noise_word(str_source){
vartmp_str="";
varch="";
varstr_out="";
vari=0;
str_source=trim_str_key(str_source);
varstr_source_length=str_source.length;

if(str_source_length==0){
returnstr_out;
}

for(i=0;i<str_source_length;i++){
ch=str_source.charAt(i);
if(ch==""){//假如为空格则暗示是下一个关头词
if(!(is_ch_noise_word(tmp_str))){//不是搅扰词就输入
if(tmp_str!=""){//避免一连的两个空格
str_out=str_out+tmp_str+"";
}
}
tmp_str="";
}
else{
tmp_str=tmp_str+ch;
}
}
str_out=str_out+tmp_str;
returntrim_str_key(str_out);
}

//上面是一个测试
//varabc="avn";
//varnnnn=remove_noise_word(abc);
//alert(nnnn);
//-->
</SCRIPT>

你看出了作者的深度?深处半米!当初是冲那么多的大牛给他写序才买的,后来才发现无啥内容,作者也只是才用几年的新手,百花了几十两银子,再次感叹当今社会的虚伪与浮躁
精灵巫婆 该用户已被删除
沙发
发表于 2015-1-17 13:18:47 | 只看该作者
代替了原来VB式的错误判断。比Oracle高级不少。
柔情似水 该用户已被删除
板凳
发表于 2015-1-20 19:10:38 | 只看该作者
对于数据库来说,查询是数据库的灵魂,那么SQL查询效率究竟效率如何呢?下文将带对SQL查询的相关问题进行讨论,供您参考。
不帅 该用户已被删除
地板
发表于 2015-1-29 15:35:28 | 只看该作者
在select语句中可以使用groupby子句将行划分成较小的组,然后,使用聚组函数返回每一个组的汇总信息,另外,可以使用having子句限制返回的结果集。
透明 该用户已被删除
5#
发表于 2015-2-6 02:30:46 | 只看该作者
多加的系统视图和实时系统信息这些东西对DBA挑优非常有帮助,但是感觉粒度还是不太细。
蒙在股里 该用户已被删除
6#
 楼主| 发表于 2015-2-15 02:35:54 | 只看该作者
所以你总能得到相应的升级版本,来满足你的需求。
7#
发表于 2015-3-4 11:08:02 | 只看该作者
学习SQL语言的话如果要学会去做网站就不是很难!但是要做数据库管理的话就有难度了!
再现理想 该用户已被删除
8#
发表于 2015-3-11 18:42:03 | 只看该作者
groupby子句可以将查询结果分组,并返回行的汇总信息Oracle按照groupby子句中指定的表达式的值分组查询结果。
深爱那片海 该用户已被删除
9#
发表于 2015-3-19 07:54:42 | 只看该作者
对递归类的树遍历很有帮助。个人感觉这个真是太棒了!阅读清晰,非常有时代感。
活着的死人 该用户已被删除
10#
发表于 2015-3-27 16:10:42 | 只看该作者
如果处理少量数据,比如几百条记录的数据,我不知道这两种情况哪个效率更高,如果处理大量数据呢?比如有表中有20万条记录.
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|Archiver|手机版|仓酷云 鄂ICP备14007578号-2

GMT+8, 2024-12-23 08:09

Powered by Discuz! X3.2

© 2001-2013 Comsenz Inc.

快速回复 返回顶部 返回列表