  • SQL过滤敏感字符

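    /// <summary>
            /// Strips a fixed deny-list of SQL keywords, punctuation and all spaces from a string.
            /// </summary>
            /// <remarks>
            /// This is a lossy clean-up helper, not a SQL-injection defence. Keywords are only
            /// matched when they sit next to a space, so keyword text can still be present in the
            /// result, and the list cannot anticipate every dialect or encoding. Values that reach
            /// a query must be bound through parameterized commands (DbParameter / SqlParameter),
            /// never concatenated into SQL text, whether or not they passed through this method.
            /// The filter is also destructive for ordinary data: every space is removed and
            /// fragments such as "or " are cut out of normal words (for example out of "for ").
            /// </remarks>
            /// <param name="InText">The string to filter; null and empty are returned unchanged.</param>
            /// <returns>The filtered string.</returns>
            public static string SqlFilterSpecial(string InText)
            {
                // A null argument used to fail with NullReferenceException on the first Replace call.
                if (string.IsNullOrEmpty(InText))
                {
                    return InText;
                }

                string text = InText;
                foreach (string token in SqlFilterTokens)
                {
                    text = RemoveTokenIgnoreCase(text, token);
                }

                // After the pass above the text holds no space and none of the single characters in
                // the table, so the only table entries that earlier removals can have re-formed are
                // "--", "||" and "\"\"". Collapse those in one linear pass instead of re-running the
                // whole table, which would be quadratic on crafted input.
                return CollapseRepeatedPairs(text);
            }

            // Deny-list applied in order. The order matters: keyword entries need their adjacent
            // space, so they run before the final " " entry. Multi-character entries of the earlier
            // version that contained an already-stripped character ("'delete", "''", ">=", "=<",
            // ">?", "?<") could never match and are omitted.
            private static readonly string[] SqlFilterTokens = new string[]
            {
                "and ", "exec ", "insert ", "select ", "delete ", "update ",
                " and", " exec", " insert", " select", " delete", " update ",
                "chr ", "mid ", " chr", " mid",
                "master ", " master",
                "or ", " or",
                "truncate ", "char ", "declare ", "join ", "union ", "truncate ",
                " char", " declare", " join", " union",
                "'", "<", ">", "%",
                "\"\"", ",", "--", "_", ";", "||", "[", "]", "&", "/", "?",
                " "
            };

            // Removes every non-overlapping occurrence of token, ignoring case (SQL keywords are
            // case-insensitive, so a case-sensitive match would miss "SELECT " or "Select ").
            private static string RemoveTokenIgnoreCase(string text, string token)
            {
                int hit = text.IndexOf(token, System.StringComparison.OrdinalIgnoreCase);
                if (hit < 0)
                {
                    return text;
                }

                System.Text.StringBuilder kept = new System.Text.StringBuilder(text.Length);
                int from = 0;
                while (hit >= 0)
                {
                    kept.Append(text, from, hit - from);
                    from = hit + token.Length;
                    hit = text.IndexOf(token, from, System.StringComparison.OrdinalIgnoreCase);
                }

                kept.Append(text, from, text.Length - from);
                return kept.ToString();
            }

            // Deletes adjacent "--", "||" and "\"\"" pairs, including pairs that only become
            // adjacent once an inner pair has been deleted. Runs in one pass over the text.
            private static string CollapseRepeatedPairs(string text)
            {
                System.Text.StringBuilder kept = new System.Text.StringBuilder(text.Length);
                foreach (char c in text)
                {
                    bool pairable = c == '-' || c == '|' || c == '"';
                    if (pairable && kept.Length > 0 && kept[kept.Length - 1] == c)
                    {
                        // The previous kept character and this one form a listed pair: drop both.
                        kept.Length--;
                    }
                    else
                    {
                        kept.Append(c);
                    }
                }

                return kept.ToString();
            }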
  • 原文地址:https://www.cnblogs.com/MySpace/p/1599871.html