国内一个网站居然把SQL直接贴在源代码里面了

原创
2011/03/10 15:39
阅读数 174

工作需要,对一些网站进行研究,发现国内某招聘网站的源代码真NB,居然把SQL语句贴在源代码的末尾,真危险哦,看看:

 

</body>
</html>
<div style="display:none;">02.04688 秒
select top 1000 id from new_search_job_result_data where Job_state=0 and datediff(month,Job_renovate_date,getdate()) < 3 and ( left(Job_work_city_id1,2)=11 or left(Job_work_city_id2,2)=11 or left(Job_work_city_id3,2)=11 ) and ( left(Job_station_id1,2)=10 or left(Job_station_id2,2)=10 or left(Job_station_id3,2)=10 ) and Job_issue_date >=datediff(dd,30,getdate()) and Com_serviceStatus=1 and Com_memberStatus<>0 order by Job_renovate_date desc
</div>
select top 1000 id from new_search_job_result_data where Job_state=0 and datediff(month,Job_renovate_date,getdate()) < 3  and ( left(Job_work_city_id1,2)=11 or left(Job_work_city_id2,2)=11 or left(Job_work_city_id3,2)=11 ) and ( left(Job_station_id1,2)=10 or left(Job_station_id2,2)=10 or left(Job_station_id3,2)=10 ) and Job_issue_date >=datediff(dd,30,getdate()) and Com_serviceStatus=1  and Com_memberStatus<>0 order by Job_renovate_date desc

太NB了,佩服的五体投地,而且还是放在</html>标签后面

 

展开阅读全文
打赏
0
1 收藏
分享
加载中
更多评论
打赏
0 评论
1 收藏
0
分享
返回顶部
顶部