zoukankan      html  css  js  c++  java
  • SQL过滤敏感字符

    /// <summary>
            /// SQL过滤敏感字符
            /// </summary>
            /// <param name="InText">要特殊过滤的字符串</param>
            /// <returns>过滤后的字符串</returns>
            public static string SqlFilterSpecial(string InText)
            {
                if (InText == "") //如果字符串为空,直接返回。
                {
                    return InText;
                }
                else
                {
                    InText = InText.Replace("and ", "");
                    InText = InText.Replace("exec ", "");
                    InText = InText.Replace("insert ", "");
                    InText = InText.Replace("select ", "");
                    InText = InText.Replace("delete ", "");
                    InText = InText.Replace("update ", "");
                    InText = InText.Replace(" and", "");
                    InText = InText.Replace(" exec", "");
                    InText = InText.Replace(" insert", "");
                    InText = InText.Replace(" select", "");
                    InText = InText.Replace(" delete", "");
                    InText = InText.Replace(" update ", "");
                    InText = InText.Replace("chr ", "");
                    InText = InText.Replace("mid ", "");
                    InText = InText.Replace(" chr", "");
                    InText = InText.Replace(" mid", "");
                    InText = InText.Replace("master ", "");
                    InText = InText.Replace(" master", "");
                    InText = InText.Replace("or ", "");
                    InText = InText.Replace(" or", "");
                    InText = InText.Replace("truncate ", "");
                    InText = InText.Replace("char ", "");
                    InText = InText.Replace("declare ", "");
                    InText = InText.Replace("join ", "");
                    InText = InText.Replace("union ", "");
                    InText = InText.Replace("truncate ", "");
                    InText = InText.Replace(" char", "");
                    InText = InText.Replace(" declare", "");
                    InText = InText.Replace(" join", "");
                    InText = InText.Replace(" union", "");
                    InText = InText.Replace("'", "");
                    InText = InText.Replace("<", "");
                    InText = InText.Replace(">", "");
                    InText = InText.Replace("%", "");
                    InText = InText.Replace("'delete", "");
                    InText = InText.Replace("''", "");
                    InText = InText.Replace("\"\"", "");
                    InText = InText.Replace(",", "");
                    InText = InText.Replace(">=", "");
                    InText = InText.Replace("=<", "");
                    InText = InText.Replace("--", "");
                    InText = InText.Replace("_", "");
                    InText = InText.Replace(";", "");
                    InText = InText.Replace("||", "");
                    InText = InText.Replace("[", "");
                    InText = InText.Replace("]", "");
                    InText = InText.Replace("&", "");
                    InText = InText.Replace("/", "");
                    InText = InText.Replace("?", "");
                    InText = InText.Replace(">?", "");
                    InText = InText.Replace("?<", "");
                    InText = InText.Replace(" ", "");
                    return InText;
                }
            }
  • 相关阅读:
    树状数组基本操作
    P1802 5倍经验日 题解
    函数学习总结
    康托展开
    中国电信CDMA无线上网卡短信收发
    报错:无法获取实体类XXX对应的表名!
    javajvisualvm远程监控云服务器上的Tomcat8.5
    服务器防火墙开放端口
    报错:列"AGENT_ENTITY_NAME"的值太大(实际值: 60,最大值50) oracle VARCHAR2和NVARCHAR2的区别
    linux中查看端口是否被占用lsof i:port
  • 原文地址:https://www.cnblogs.com/MySpace/p/1599871.html
Copyright © 2011-2022 走看看