搜尋 cross 結果:
DECLARE @tblVariable TABLE(SPID INT, Status VARCHAR(200), [Login] VARCHAR(200), HostName VARCHAR(200),
BlkBy VARCHAR(200), DBName VARCHAR(200), Command VARCHAR(200), CPUTime INT,
DiskIO INT, LastBatch VARCHAR(200), ProgramName VARCHAR(200), _SPID INT,
RequestID INT)
INSERT INTO @tblVariable
EXEC Master.dbo.sp_who2
SELECT v.*, t.TEXT
FROM @tblVariable v
INNER JOIN sys.sysprocesses sp ON sp.spid = v.SPID
CROSS APPLY sys.dm_exec_sql_text(sp.sql_handle) AS t
ORDER BY BlkBy DESC, CPUTime DESC
kill xxx
參考: https://learn.microsoft.com/en-us/answers/questions/842347/sql-server-how-to-find-out-who-lock-my-specific-ta
BlkBy VARCHAR(200), DBName VARCHAR(200), Command VARCHAR(200), CPUTime INT,
DiskIO INT, LastBatch VARCHAR(200), ProgramName VARCHAR(200), _SPID INT,
RequestID INT)
INSERT INTO @tblVariable
EXEC Master.dbo.sp_who2
SELECT v.*, t.TEXT
FROM @tblVariable v
INNER JOIN sys.sysprocesses sp ON sp.spid = v.SPID
CROSS APPLY sys.dm_exec_sql_text(sp.sql_handle) AS t
ORDER BY BlkBy DESC, CPUTime DESC
kill xxx
參考: https://learn.microsoft.com/en-us/answers/questions/842347/sql-server-how-to-find-out-who-lock-my-specific-ta
Bike, 2023/8/17 上午 10:44:05
1. 建立 API Server
.Net 6.0
.Cross Site
.無 Session
.評分機制
2. 前端修改
. 改寫內容頁及編輯頁
. 使用 Vue 及 API
. 增加評分功能
. 上傳圖片問題處理
. 搜尋改用 Google Site Sarch
.Net 6.0
.Cross Site
.無 Session
.評分機制
2. 前端修改
. 改寫內容頁及編輯頁
. 使用 Vue 及 API
. 增加評分功能
. 上傳圖片問題處理
. 搜尋改用 Google Site Sarch
Bike, 2022/1/11 下午 12:05:09
試說明以下程式碼的功用, 以及可改進的部份.
--
基本題:
1. 對 Linq 熟嗎.
2. 對 ASP.Net 的 Cache 熟悉嗎.
3. 用過什麼 ORM, 試說明優缺點.
4. 試說明 MVC 的架構.
資安相關問題:
1. 試說明 SQL Injection
2. 試說明 Cross Site Injection.
3. 上傳檔案要注意的事項.
4. 試說明 cookie 的安全設定 ? same site, secure, http only.
前端相關加分題:
1. jQuery 或 Vue 熟悉嗎 ?
2. 試說明 RWD
3. 試說明 bootstrap
進階問題:
1. 試說明 Reflection
2. 試說明 Dependency Injection
3. 試說明 singleton vs static
4. 試單有兩個欄位 Id, Status (付款待確認: 1.1; 已付款: 2, 訂單已出貨: 3; 訂單取消中: 5; )
狀態 1.1 和 狀態 2 的訂單可取消,取消後改為狀態 5
客人要取消訂單,訂單編號為 123, 試說明程式執行的過程。
string EndDate = Request["EndDate"];
DataTable qtyControls = U2.SQL.DTFromSQL("Select YA00, PD00 from QtyControl Where EndDate > '" + EndDate + "' and SoldQty >= InitQty");
var values = qtyControls.AsEnumerable().Select(r => "('" + r.Field<string>("YA00") + "','" + r.Field<string>("PD00") + "')").ToList();
var sqls = new List<string>();
sqls.Add("Delete StopSaleYAP;");
int start = 0;
while(start < values.Count)
{
var end = start + 999;
if(end > values.Count - 1)
{
end = values.Count;
}
sqls.Add("insert into StopSaleYAP(YA00, PD00) Values" + string.Join(",", values.GetRange(start, end)) + ";");
start = end + 1;
}
U2.SQL.ExecuteSQL(string.Join("\r\n", sqls));
public static bool IsErrorOrder(Order.Input.CheckValidOrder dto)
{
if (dto.OrderNos == null || dto.OrderNos.Count == 0)
{
return false;
}
var orderCount = dto.OrderNos.Count();
var orders = NpreoOrderMain.GetList(dto.OrderNos);
if (orders.Count != orderCount || !dto.OrderNos.Any(x => orders.Select(o => o.Order_No).Contains(x)))
{
return true;
}
return false;
}
var fu = Request.Files[0];
fu.SaveAs(Server.MapPath("UploadFiles/") + fu.FileName);
--
基本題:
1. 對 Linq 熟嗎.
2. 對 ASP.Net 的 Cache 熟悉嗎.
3. 用過什麼 ORM, 試說明優缺點.
4. 試說明 MVC 的架構.
資安相關問題:
1. 試說明 SQL Injection
2. 試說明 Cross Site Injection.
3. 上傳檔案要注意的事項.
4. 試說明 cookie 的安全設定 ? same site, secure, http only.
前端相關加分題:
1. jQuery 或 Vue 熟悉嗎 ?
2. 試說明 RWD
3. 試說明 bootstrap
進階問題:
1. 試說明 Reflection
2. 試說明 Dependency Injection
3. 試說明 singleton vs static
4. 試單有兩個欄位 Id, Status (付款待確認: 1.1; 已付款: 2, 訂單已出貨: 3; 訂單取消中: 5; )
狀態 1.1 和 狀態 2 的訂單可取消,取消後改為狀態 5
客人要取消訂單,訂單編號為 123, 試說明程式執行的過程。
Bike, 2020/10/24 上午 10:24:51
想到的先列出來.
1. 幫 String 擴充屬性(javascript, .NET)
2. SQL Injection.
3. Cross Site Script Attack.
4. 避免排程未完全執行以及重覆執行.
5. 更新 Cache 與 Lock.
6. SQL Transaction.
1. 幫 String 擴充屬性(javascript, .NET)
2. SQL Injection.
3. Cross Site Script Attack.
4. 避免排程未完全執行以及重覆執行.
5. 更新 Cache 與 Lock.
6. SQL Transaction.
Bike, 2017/12/16 下午 04:56:39
--抓所有的 Table
Select * from INFORMATION_SCHEMA.TABLES
--抓所有的 COLUMNS
Select * from INFORMATION_SCHEMA.COLUMNS
--抓欄位的 Description
select
st.name [Table],
sc.name [Column],
sep.value [Description]
from sys.tables st
inner join sys.columns sc on st.object_id = sc.object_id
left join sys.extended_properties sep on st.object_id = sep.major_id
and sc.column_id = sep.minor_id
and sep.name = 'MS_Description'
where st.name = 'TableName'
and sc.name = 'ColumnName'
--修改欄位的 Description.
EXEC sp_updateextendedproperty
@name = N'MS_Description', @value = 'Your description',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName',
@level2type = N'Column', @level2name = 'Name';
EXEC sp_addextendedproperty
@name = N'MS_Description', @value = 'Code description',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName',
@level2type = N'Column', @level2name = 'ColumnName';
--新增 Table 的 extendedproperty
EXEC sp_addextendedproperty
@name = N'Description', @value = 'Hey, here is TableName description!',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName'
GO
--修改 Table 的 extendedproperty
EXEC sp_updateextendedproperty
@name = N'Description', @value = 'Hey, here is my description! 123',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName'
GO
--讀取 Extended Property
SELECT sys.objects.name AS TableName, ep.name AS PropertyName,
ep.value AS Description
FROM sys.objects
CROSS APPLY fn_listextendedproperty(default,
'SCHEMA', schema_name(schema_id),
'TABLE', name, null, null) ep
WHERE sys.objects.name NOT IN ('sysdiagrams')
ORDER BY sys.objects.name
--讀取 Column 的 Description
SELECT objtype, objname, name, value
FROM fn_listextendedproperty (NULL, 'schema', 'dbo', 'table', 'TableName', 'column', default);
GO
--讀取特定 Table 的 Description
SELECT *
FROM fn_listextendedproperty (NULL, 'schema', 'dbo', 'table', 'TableName', default, default);
GO
--讀取 所有 Table 的 Description
SELECT *
FROM fn_listextendedproperty (NULL, 'schema', 'dbo', 'table', default, default, default);
GO
--新增或修改資料表說明
IF not exists(SELECT * FROM ::fn_listextendedproperty (NULL, 'user', 'dbo', 'table', '資料表名稱', NULL, NULL))
BEGIN
exec sp_addextendedproperty 'MS_Description', '資料表說明', 'user', 'dbo', 'table', '資料表名稱'
END
ELSE
BEGIN
exec sp_updateextendedproperty 'MS_Description', '資料表說明', 'user', 'dbo', 'table', '資料表名稱'
END
--新增或修改欄位說明
IF not exists(SELECT * FROM ::fn_listextendedproperty (NULL, 'user', 'dbo', 'table', '資料表名稱', 'column', '欄位名稱'))
BEGIN
exec sp_addextendedproperty 'MS_Description', '欄位說明', 'user', 'dbo', 'table', '資料表名稱', 'column', '欄位名稱'
END
ELSE
BEGIN
exec sp_updateextendedproperty 'MS_Description', '欄位說明', 'user', 'dbo', 'table', '資料表名稱', 'column', '欄位名稱'
END
Select * from INFORMATION_SCHEMA.TABLES
--抓所有的 COLUMNS
Select * from INFORMATION_SCHEMA.COLUMNS
--抓欄位的 Description
select
st.name [Table],
sc.name [Column],
sep.value [Description]
from sys.tables st
inner join sys.columns sc on st.object_id = sc.object_id
left join sys.extended_properties sep on st.object_id = sep.major_id
and sc.column_id = sep.minor_id
and sep.name = 'MS_Description'
where st.name = 'TableName'
and sc.name = 'ColumnName'
--修改欄位的 Description.
EXEC sp_updateextendedproperty
@name = N'MS_Description', @value = 'Your description',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName',
@level2type = N'Column', @level2name = 'Name';
EXEC sp_addextendedproperty
@name = N'MS_Description', @value = 'Code description',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName',
@level2type = N'Column', @level2name = 'ColumnName';
--新增 Table 的 extendedproperty
EXEC sp_addextendedproperty
@name = N'Description', @value = 'Hey, here is TableName description!',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName'
GO
--修改 Table 的 extendedproperty
EXEC sp_updateextendedproperty
@name = N'Description', @value = 'Hey, here is my description! 123',
@level0type = N'Schema', @level0name = 'dbo',
@level1type = N'Table', @level1name = 'TableName'
GO
--讀取 Extended Property
SELECT sys.objects.name AS TableName, ep.name AS PropertyName,
ep.value AS Description
FROM sys.objects
CROSS APPLY fn_listextendedproperty(default,
'SCHEMA', schema_name(schema_id),
'TABLE', name, null, null) ep
WHERE sys.objects.name NOT IN ('sysdiagrams')
ORDER BY sys.objects.name
--讀取 Column 的 Description
SELECT objtype, objname, name, value
FROM fn_listextendedproperty (NULL, 'schema', 'dbo', 'table', 'TableName', 'column', default);
GO
--讀取特定 Table 的 Description
SELECT *
FROM fn_listextendedproperty (NULL, 'schema', 'dbo', 'table', 'TableName', default, default);
GO
--讀取 所有 Table 的 Description
SELECT *
FROM fn_listextendedproperty (NULL, 'schema', 'dbo', 'table', default, default, default);
GO
--新增或修改資料表說明
IF not exists(SELECT * FROM ::fn_listextendedproperty (NULL, 'user', 'dbo', 'table', '資料表名稱', NULL, NULL))
BEGIN
exec sp_addextendedproperty 'MS_Description', '資料表說明', 'user', 'dbo', 'table', '資料表名稱'
END
ELSE
BEGIN
exec sp_updateextendedproperty 'MS_Description', '資料表說明', 'user', 'dbo', 'table', '資料表名稱'
END
--新增或修改欄位說明
IF not exists(SELECT * FROM ::fn_listextendedproperty (NULL, 'user', 'dbo', 'table', '資料表名稱', 'column', '欄位名稱'))
BEGIN
exec sp_addextendedproperty 'MS_Description', '欄位說明', 'user', 'dbo', 'table', '資料表名稱', 'column', '欄位名稱'
END
ELSE
BEGIN
exec sp_updateextendedproperty 'MS_Description', '欄位說明', 'user', 'dbo', 'table', '資料表名稱', 'column', '欄位名稱'
END
Bike, 2016/6/29 下午 04:42:25
這是指網址列的參數未經處理直接丟回頁面造成的問題.
例如 a.aspx 中, 參數 R 會被丟回頁面, 則 <a href='http://yahoo.com/a.aspx?R=<script>...</script>'>Yahoo 大拍賣</a> 這種網址放在某人的 blog 中, 點選的人已登入 yahoo, 那就中奬了, script 中的程式可以把你的 cookie 丟到其它的網站去, 或是用你的身份做一些其它的事情..
例如 a.aspx 中, 參數 R 會被丟回頁面, 則 <a href='http://yahoo.com/a.aspx?R=<script>...</script>'>Yahoo 大拍賣</a> 這種網址放在某人的 blog 中, 點選的人已登入 yahoo, 那就中奬了, script 中的程式可以把你的 cookie 丟到其它的網站去, 或是用你的身份做一些其它的事情..
Bike, 2015/10/29 下午 07:58:03
若是最簡單的方式來設定 cookie 時, document.cookie = "name=value";, 會使用目前網頁所在的 Path 做為預設的 Path,所以若是從另一個目錄的網頁來讀 cookie 時, 有可能會讀不到。
解決的辨法是指定 Path 為 "/" 如下, document.cookie = "name=value;path=/";
解決的辨法是指定 Path 為 "/" 如下, document.cookie = "name=value;path=/";
Bike, 2015/5/9 下午 12:50:54
今天去亞卡讀書會剛好有提到跨站的 ajax
除了JSONP之外,其實W3C也有訂標準
http://www.w3.org/TR/cors/
https://developer.mozilla.org/zh-TW/docs/HTTP/Access_control_CORS
基本精神就是
A網站呼叫B網站
A網站的Request Header要加上 Origin: (這個瀏覽器會自動加上)
B網站Response Header要加上一些 Access-Control-Allow-Origin:
這樣就可以通了 不過Request並不會帶上B網站的cookies
若是希望 Request 時也要送上 cookies 資訊,則http物件要加上 .withCredentials = true
不過 IE7以下確定是不支援這的機制,IE8以上則還要測看看
除了JSONP之外,其實W3C也有訂標準
http://www.w3.org/TR/cors/
https://developer.mozilla.org/zh-TW/docs/HTTP/Access_control_CORS
基本精神就是
A網站呼叫B網站
A網站的Request Header要加上 Origin: (這個瀏覽器會自動加上)
B網站Response Header要加上一些 Access-Control-Allow-Origin:
這樣就可以通了 不過Request並不會帶上B網站的cookies
若是希望 Request 時也要送上 cookies 資訊,則http物件要加上 .withCredentials = true
不過 IE7以下確定是不支援這的機制,IE8以上則還要測看看
darren, 2013/5/14 下午 11:40:25
USE [master]
GO
/****** Object: StoredProcedure [dbo].[sp_who3] Script Date: 06/26/2008 09:40:54 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
CREATE PROCEDURE [dbo].[sp_who3]
(
@filter tinyint = 1,
@filterspid int = NULL
)
AS
SET NOCOUNT ON;
DECLARE @processes TABLE
(
spid int,
blocked int,
databasename varchar(256),
hostname varchar(256),
program_name varchar(256),
loginame varchar(256),
status varchar(60),
cmd varchar(128),
cpu int,
physical_io int,
[memusage] int,
login_time datetime,
last_batch datetime,
current_statement_parent xml,
current_statement_sub xml)
INSERT INTO @processes
SELECT sub.*
FROM
(
SELECT sp.spid,
sp.blocked,
sd.name,
RTRIM(sp.hostname) AS hostname,
RTRIM(sp.[program_name]) AS [program_name],
RTRIM(sp.loginame) AS loginame,
RTRIM(sp.status) AS status,
sp.cmd,
sp.cpu,
sp.physical_io,
sp.memusage,
sp.login_time,
sp.last_batch,
(
SELECT
LTRIM(st.text) AS [text()]
FOR XML PATH(''), TYPE
) AS parent_text,
(
SELECT
LTRIM(CASE
WHEN LEN(COALESCE(st.text, '')) = 0 THEN NULL
ELSE SUBSTRING(st.text, (er.statement_start_offset/2)+1,
((CASE er.statement_end_offset
WHEN -1 THEN DATALENGTH(st.text)
ELSE er.statement_end_offset
END - er.statement_start_offset)/2) + 1)
END) AS [text()]
FROM sys.dm_exec_requests er CROSS APPLY sys.dm_exec_sql_text(er.sql_handle) AS st
WHERE er.session_id = sp.spid
FOR XML PATH(''), TYPE
) AS child_text
FROM sys.sysprocesses sp WITH (NOLOCK) LEFT JOIN sys.sysdatabases sd WITH (NOLOCK) ON sp.dbid = sd.dbid
CROSS APPLY sys.dm_exec_sql_text(sp.sql_handle) AS st
) sub INNER JOIN sys.sysprocesses sp2 ON sub.spid = sp2.spid
ORDER BY
sub.spid
-- if specific spid required
IF @filterspid IS NOT NULL
DELETE @processes
WHERE spid <> @filterspid
-- remove system processes
IF @filter = 1 OR @filter = 2
DELETE @processes
WHERE spid < 51
OR spid = @@SPID
-- remove inactive processes
IF @filter = 2
DELETE @processes
WHERE status = 'sleeping'
AND cmd IN ('AWAITING COMMAND')
AND blocked = 0
SELECT spid,
blocked,
databasename,
hostname,
loginame,
status,
current_statement_parent,
current_statement_sub,
cmd,
cpu,
physical_io,
program_name,
login_time,
last_batch
FROM @processes
ORDER BY spid
RETURN 0;
查詢過濾sp_who3
DECLARE @Table TABLE(
spid int,
blocked int,
databasename varchar(256),
hostname varchar(256),
loginame varchar(256),
status varchar(60),
current_statement_parent xml,
current_statement_sub xml,
cmd varchar(128),
cpu int,
physical_io int,
program_name varchar(256),
login_time datetime,
last_batch datetime
)
INSERT INTO @Table EXEC sp_who3
SELECT *
FROM @Table
WHERE databasename= 'Leon' and cmd = 'AWAITING COMMAND'
and CAST(current_statement_parent AS nvarchar(max)) not LIKE '%AspNet_SqlCachePollingStoredProcedure%'
order by CAST(current_statement_parent AS nvarchar(max))
Reiko, 2013/5/3 上午 10:48:08
從網路找到改良的,直接查不用開Sql Profiler
加入可指定資料庫的改良
SELECT TOP 100 execution_count, total_worker_time, last_worker_time, max_worker_time, min_worker_time, CONVERT(INT, att.value) AS dbid, DB_NAME(CONVERT(INT, att.value)) as dbname ,SUBSTRING(st.text, (qs.statement_start_offset/2) + 1,((CASE statement_end_offset WHEN -1 THEN DATALENGTH(st.text)ELSE qs.statement_end_offset END - qs.statement_start_offset)/2) + 1) as statement_text
FROM sys.dm_exec_query_stats as qs
CROSS APPLY sys.dm_exec_sql_text(qs.sql_handle) as st
CROSS APPLY sys.dm_exec_plan_attributes(qs.plan_handle) att
WHERE att.attribute='dbid' and DB_NAME(CONVERT(INT, att.value)) = 'P9'
ORDER BY execution_count DESC
以執行次數排序,可檢查爆量的Sql
Where statement_start_offset =0 測起來可以篩掉系統的Query,如:AspNet_SqlCache
以總執行時間排序,檢查寫耗時的Sql
結果如下
加入可指定資料庫的改良
SELECT TOP 100 execution_count, total_worker_time, last_worker_time, max_worker_time, min_worker_time, CONVERT(INT, att.value) AS dbid, DB_NAME(CONVERT(INT, att.value)) as dbname ,SUBSTRING(st.text, (qs.statement_start_offset/2) + 1,((CASE statement_end_offset WHEN -1 THEN DATALENGTH(st.text)ELSE qs.statement_end_offset END - qs.statement_start_offset)/2) + 1) as statement_text
FROM sys.dm_exec_query_stats as qs
CROSS APPLY sys.dm_exec_sql_text(qs.sql_handle) as st
CROSS APPLY sys.dm_exec_plan_attributes(qs.plan_handle) att
WHERE att.attribute='dbid' and DB_NAME(CONVERT(INT, att.value)) = 'P9'
ORDER BY execution_count DESC
以執行次數排序,可檢查爆量的Sql
Where statement_start_offset =0 測起來可以篩掉系統的Query,如:AspNet_SqlCache
SELECT TOP 10 execution_count, total_worker_time, last_worker_time, max_worker_time, min_worker_time, SUBSTRING(st.text, (qs.statement_start_offset/2) + 1,((CASE statement_end_offset WHEN -1 THEN DATALENGTH(st.text)ELSE qs.statement_end_offset END - qs.statement_start_offset)/2) + 1) as statement_text
FROM sys.dm_exec_query_stats as qs CROSS APPLY sys.dm_exec_sql_text(qs.sql_handle) as st
WHERE statement_start_offset = 0
ORDER BY execution_count DESC
以總執行時間排序,檢查寫耗時的Sql
SELECT TOP 10 total_worker_time, last_worker_time, max_worker_time, min_worker_time, SUBSTRING(st.text, (qs.statement_start_offset/2) + 1,((CASE statement_end_offset WHEN -1 THEN DATALENGTH(st.text)ELSE qs.statement_end_offset END - qs.statement_start_offset)/2) + 1) as statement_text
FROM sys.dm_exec_query_stats as qs CROSS APPLY sys.dm_exec_sql_text(qs.sql_handle) as st
ORDER BY max_worker_time DESC
結果如下
Jerry, 2012/6/8 下午 12:50:24