设为首页  加入收藏  联系我们 繁體中文  

黑客软件:
  漏洞扫描 | 木马间谍 | 加密解密 | 远程控制 | 破坏攻击 | 杀毒软件 | 防火墙类 | OICQ专区 | 黑客必备 | 常用工具 | 网吧攻击
文章中心:   最新资讯 | 黑客技术 | 电脑基础 | 菜鸟文摘 | 网络安全 | 网络技巧 | QQ技巧 | OQ空间代码 | 免费资源 | 编程世界 | 建站技术
素材源码:   论坛相关 | ASP源码 | CGI 源码 | NET 源码 | PHP 源码 | 酷站素材 | 字体素材 | 图片素材 | 友情发布 | 网页模版 | 建站软件
教程动画:   黑客教程 | 黑客编程 | 网站入侵 | 菜鸟教程 | 入侵教程 | 破解教程 | 电子书籍 | 网页制作 | 高级会员 | 综合教程 | 本站原创
   

  您当前的位置:中华隐士黑客联盟 -> 网络安全 -> 文章内容 [站内搜索]  

 
浅谈中国英才网数据安全问题
作者:不详  来源:转载  发布时间:2006-12-27 17:34:46  发布人:heigeheapao

投递简历
SELECT cv_auto_id,user_id,CVTitle,CVStatus,
               UserGroup,UpdateDate,ViewCount,OpenCVLang,
               OpenLevel,ChangeStateDate,AcceptDirCV,CVMethod,CVStyle,
               XMLCNDate,XMLENDate,IsShowPic
        FROM cv_base
        WHERE user_id = @user_id and IsDel!=1 ORDER BY cv_auto_id

修改简历就这样???
BEGIN   
    --中文   
    IF(@ResumeType=0)   
    BEGIN   
        --中文简历   
        SELECT [pf].[gender] AS [gender],[pf].[birthday] AS [birthday],[pf].[ResidenceState] AS [ResidenceState]
        ,[pf].[ResidenceCity] AS [ResidenceCity],[pf].[OtherCityCN] AS [OtherCity],[pf].[HuKouState] AS [HuKouState]
        ,[pf].[HuKouCity] AS [HuKouCity],[pf].[IDType] AS [IDType],[pf].[IDNo] AS [IDNo],[pf].[Degree] AS [Degree]
        ,[pf].[polity] AS [polity],[pf].[homepage] AS [homepage],[pf].[contact_type1] AS [contact_type1]
        ,[pf].[contact_no1] AS [contact_no1],[pf].[contact_type2] AS [contact_type2],[pf].[contact_no2] AS [contact_no2]
        ,[pf].[contact_type3] AS [contact_type3],[pf].[contact_no3] AS [contact_no3],[pf].[postalcode] AS [postalcode]
        ,[pf].[NameCN],[pf].[NameEN],[pf].[NationalityCN] AS [Nationality],[pf].[AddrCN] AS [Addr],[pf].[wed_state] AS [WedState]
        ,[cb].[prc_loc] AS [Stu_HuKouLoc],[cb].[prc_other_locCN] AS [Stu_HukouOther],[cb].[appl_type] AS [Appl_type],[cb].[graduate_date] AS [Graduate_Date]   
        FROM [cv_profile] AS [pf] LEFT OUTER JOIN [cv_compus_basic] AS [cb]
        ON [pf].[user_id]=[cb].[user_id]    
        WHERE [pf].[user_id]=@user_id   
    END   
    ELSE   
    BEGIN   
        --英文简历   
        SELECT [pf].[gender] AS [gender],[pf].[birthday] AS [birthday],[pf].[ResidenceState] AS [ResidenceState]
        ,[pf].[ResidenceCity] AS [ResidenceCity],[pf].[OtherCityCN] AS [OtherCity],[pf].[HuKouState] AS [HuKouState]
        ,[pf].[HuKouCity] AS [HuKouCity],[pf].[IDType] AS [IDType],[pf].[IDNo] AS [IDNo],[pf].[Degree] AS [Degree]
        ,[pf].[polity] AS [polity],[pf].[homepage] AS [homepage],[pf].[contact_type1] AS [contact_type1]
        ,[pf].[contact_no1] AS [contact_no1],[pf].[contact_type2] AS [contact_type2],[pf].[contact_no2] AS [contact_no2]
        ,[pf].[contact_type3] AS [contact_type3],[pf].[contact_no3] AS [contact_no3],[pf].[postalcode] AS [postalcode]   
        ,[pf].[NameEN],[pf].[NameCN],[pf].[NationalityEN] AS [Nationality],[pf].[AddrEN] AS [Addr],[pf].[wed_state] AS [WedState]    
        ,[cb].[prc_loc] AS [Stu_HuKouLoc],[cb].[prc_other_locEN] AS [Stu_HukouOther],[cb].[appl_type] AS [Appl_type],[cb].[graduate_date] AS [Graduate_Date]    
        FROM [cv_profile] AS [pf] LEFT OUTER JOIN [cv_compus_basic] AS [cb]
        ON [pf].[user_id]=[cb].[user_id]    
        WHERE [pf].[user_id]=@user_id   
    END   
END

查询简历
SELECT cv_auto_id,user_id,CVTitle,CVStatus,
               UserGroup,UpdateDate,ViewCount,OpenCVLang,
               OpenLevel,ChangeStateDate,AcceptDirCV,CVMethod,CVStyle,
               XMLCNDate,XMLENDate,IsShowPic
        FROM cv_base
        WHERE user_id = @user_id and IsDel!=1 ORDER BY cv_auto_id

SELECT COUNT(agentisold.agent_id) as agentCount FROM agentisold left join job_agent on agentisold.agent_id=job_agent.auto_id where user_id=@userId

|UserId   |Int64|
|PageSize |Int16|
|PageIndex|Int16|
查询内容

DECLARE @SqlString  nvarchar(4000)
       
   SELECT count([auto_id]) as RecordCount FROM jobs_favorite WHERE [user_id]=@UserId AND [JobStatus]=0  AND IsDel = 0   
         
   IF @PageIndex=0    
   BEGIN   
    SET @SqlString='  
    SELECT TOP '+Cast(@PageSize as nvarchar)+' [auto_id],[JobPostDate],[SaveDate],[CompanyID],[CompanyName],[PositionId],[PositionName],[JobStatus],[CVStatus],[CvTitle],IsApply = CASE WHEN DATEDIFF(day, SaveDate, GETDATE()) <= 7 THEN 0 ELSE 1 END
    FROM jobs_favorite     JF 
    WHERE [user_id]=' + CONVERT( VARCHAR(50),@UserId ) + ' AND [JobStatus]=0   AND IsDel = 0  
    ORDER BY [SaveDate] desc'   
   END   
   ELSE   
   BEGIN           
    SET @SqlString='   
    SELECT TOP '+Cast(@PageSize as nvarchar)+' [auto_id],[JobPostDate],[SaveDate],[CompanyID],[CompanyName],[PositionId],[PositionName],[JobStatus],[CVStatus],[CvTitle] ,IsApply = CASE WHEN DATEDIFF(day, SaveDate, GETDATE()) <= 7 THEN 0 ELSE 1 END
    FROM jobs_favorite     JF 
    WHERE ([user_id]=' + CONVERT( VARCHAR(50),@UserId ) + ' AND [JobStatus]=0) AND  IsDel = 0 AND  [auto_id] NOT IN   
    (SELECT TOP '+Cast(@PageIndex*@PageSize as nvarchar)+' [auto_id] FROM jobs_favorite WHERE [user_id]=' + CONVERT( VARCHAR(50),@UserId ) + ' AND [JobStatus]=0  AND IsDel = 0 ORDER BY [SaveDate] desc)   
    ORDER BY [SaveDate] desc'   
             
   END    
         
   Execute(@SqlString)

没想到中国英才网的,企业数据表这样简单
|name         |type    |
------------------------
|@ApplyType   |Byte    |  
|@user_id     |Int64   |   
|@SaveDate    |DateTime|    
|@CompanyName |String  |    
|@PositionId  |Decimal |      
|@PositionName|String  |      
|@JobPostDate |DateTime|    
|@ExpectState |String  | 
|@JobStatus   |Byte    |    
|@CVTitle     |String  |       
|@CVStatus    |Byte    |    
|@CompanyID   |Int64   |         
|@auto_id     |Int32   |
[] [返回上一页] [打 印] [收 藏]
  [相关文章评论]    (评论内容只代表网友观点,与本站立场无关!) [更多评论...]
 

  浅谈小学生的自我管..
浅谈如何开展小学班..
黑客技巧之浅谈网络..
浅谈用VB6.0编写“特..
浅谈网络入侵的提高..
浅谈Linux操作系统K..
浅谈网络入侵的提高..
Linux新手必看:浅谈..
入侵检测 浅谈安全扫..
入侵检测 浅谈安全扫..


  
中华隐士黑客联盟
最新免费在线看的电影网站集绵
免费获得Q币的最新方法
最新QQ空间4.0全屏版效果图!!
不用木马,轻松万能偷盗QQ号码
本站超级酷的Flash (不看会后悔的..
黑客快速入门(强烈推荐)
18岁少女欲6000元卖处女身 救患血..
揭秘远程破解盗窃QQ密码的各种方..
QQ密码本地破解的原理和方法
 
《黄金甲》被黑客用来传毒 12-27
浅谈中国英才网数据安全问题 12-27
带注释手动注入脚本命令整理 12-27
vista版本介绍 12-27
XP防火墙不堪一击 12-27
Google代码可能被黑客利用发动攻.. 12-27
黑客经验之sa弱口令强行入侵 12-27
妙除QQ病毒,让隐藏文件现身 12-27
雷驰新闻发布管理系统(任何版本).. 12-27
利用X-scan漏洞扫描软件发现系统.. 12-27
 
关于本站 网站帮助 广告合作 下载声明 友情连接 网站地图 访客留言 论坛登录
〖中华隐士黑客联盟〗,Copyright © 2006-2010 WwW.Hack86.Com 闽ICP备:06023304号
站长:小质 QQ:771760,软件发布MAIL:Hack086@21cn.com