Question

我面临一个非常奇怪的问题。我的一个客户端服务器，在sql表中有问题。在某些表格列中，自动添加了html div以及特定的链接，为了更多的理解，我已经添加了相同的屏幕截图。

我已经阅读了以下问题， Sql Injection : Data Appended automatically to table column 但一切都是徒劳的。可能这是sql注入，所以我需要一个合适的解决方案。

以下是我的sql代码

if not exists (select Request_id from T0040_Change_Request_Master where Cmp_Id = @Cmp_ID and Request_type = 'Birthdate Change')
begin
        declare @Request_id1 numeric
        select  @Request_id1 = isnull(MAX(Tran_id),0) + 1 from T0040_Change_Request_Master
        INSERT INTO T0040_Change_Request_Master (Tran_id,Request_id,Request_type,Cmp_ID)VALUES(@Request_id1,1,'Birthdate Change',@Cmp_ID)
end

if not exists (select Request_id from T0040_Change_Request_Master where Cmp_Id = @Cmp_ID and Request_type = 'Branch Change')
begin
        declare @Request_id2 numeric
        select  @Request_id2 = isnull(MAX(Tran_id),0) + 1 from T0040_Change_Request_Master
        INSERT INTO T0040_Change_Request_Master (Tran_id,Request_id,Request_type,Cmp_ID)VALUES(@Request_id2,2,'Branch Change',@Cmp_ID)
end

if not exists (select Request_id from T0040_Change_Request_Master where Cmp_Id = @Cmp_ID and Request_type = 'Shift Change')
begin
        declare @Request_id3 numeric
        select  @Request_id3 = isnull(MAX(Tran_id),0) + 1 from T0040_Change_Request_Master
        INSERT INTO T0040_Change_Request_Master (Tran_id,Request_id,Request_type,Cmp_ID)VALUES(@Request_id3,3,'Shift Change',@Cmp_ID)
end

if not exists (select Request_id from T0040_Change_Request_Master where Cmp_Id = @Cmp_ID and Request_type = 'Marital Status Change')
begin
        declare @Request_id4 numeric
        select  @Request_id4 = isnull(MAX(Tran_id),0) + 1 from T0040_Change_Request_Master
        INSERT INTO T0040_Change_Request_Master (Tran_id,Request_id,Request_type,Cmp_ID)VALUES(@Request_id4,4,'Marital Status Change',@Cmp_ID)
end

Html数据自动附加在sql表列中

0 个答案: