zoukankan      html  css  js  c++  java
  • SQL过滤敏感字符

    /// <summary>
            /// SQL过滤敏感字符
            /// </summary>
            /// <param name="InText">要特殊过滤的字符串</param>
            /// <returns>过滤后的字符串</returns>
            public static string SqlFilterSpecial(string InText)
            {
                if (InText == "") //如果字符串为空,直接返回。
                {
                    return InText;
                }
                else
                {
                    InText = InText.Replace("and ", "");
                    InText = InText.Replace("exec ", "");
                    InText = InText.Replace("insert ", "");
                    InText = InText.Replace("select ", "");
                    InText = InText.Replace("delete ", "");
                    InText = InText.Replace("update ", "");
                    InText = InText.Replace(" and", "");
                    InText = InText.Replace(" exec", "");
                    InText = InText.Replace(" insert", "");
                    InText = InText.Replace(" select", "");
                    InText = InText.Replace(" delete", "");
                    InText = InText.Replace(" update ", "");
                    InText = InText.Replace("chr ", "");
                    InText = InText.Replace("mid ", "");
                    InText = InText.Replace(" chr", "");
                    InText = InText.Replace(" mid", "");
                    InText = InText.Replace("master ", "");
                    InText = InText.Replace(" master", "");
                    InText = InText.Replace("or ", "");
                    InText = InText.Replace(" or", "");
                    InText = InText.Replace("truncate ", "");
                    InText = InText.Replace("char ", "");
                    InText = InText.Replace("declare ", "");
                    InText = InText.Replace("join ", "");
                    InText = InText.Replace("union ", "");
                    InText = InText.Replace("truncate ", "");
                    InText = InText.Replace(" char", "");
                    InText = InText.Replace(" declare", "");
                    InText = InText.Replace(" join", "");
                    InText = InText.Replace(" union", "");
                    InText = InText.Replace("'", "");
                    InText = InText.Replace("<", "");
                    InText = InText.Replace(">", "");
                    InText = InText.Replace("%", "");
                    InText = InText.Replace("'delete", "");
                    InText = InText.Replace("''", "");
                    InText = InText.Replace("\"\"", "");
                    InText = InText.Replace(",", "");
                    InText = InText.Replace(">=", "");
                    InText = InText.Replace("=<", "");
                    InText = InText.Replace("--", "");
                    InText = InText.Replace("_", "");
                    InText = InText.Replace(";", "");
                    InText = InText.Replace("||", "");
                    InText = InText.Replace("[", "");
                    InText = InText.Replace("]", "");
                    InText = InText.Replace("&", "");
                    InText = InText.Replace("/", "");
                    InText = InText.Replace("?", "");
                    InText = InText.Replace(">?", "");
                    InText = InText.Replace("?<", "");
                    InText = InText.Replace(" ", "");
                    return InText;
                }
            }
  • 相关阅读:
    代码手动修改约束(AutoLayout)
    iOS开发中手机号码和价格金额有效性判断及特殊字符的限制
    Mac下如何显示隐藏文件/文件夹
    Exp8 Web综合 20181308
    20181308 邵壮 Exp7 网络欺诈防范
    20181308 邵壮 Exp6 MSF应用基础
    重现Vim任意代码执行漏洞(CVE-2019-12735) 20181308
    密码引擎-加密API研究 20181308邵壮
    密码引擎-加密API实现与测试 20181308邵壮
    Exp5 信息搜集与漏洞扫描 20181308邵壮
  • 原文地址:https://www.cnblogs.com/MySpace/p/1599871.html
Copyright © 2011-2022 走看看