  • 过滤非法字符

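    /// <summary>
            /// Strips a fixed blacklist of punctuation characters and SQL keywords from a value.
            /// </summary>
            /// <remarks>
            /// Keyword removal is case-insensitive and repeats until no keyword is left, so a
            /// mixed-case keyword, or one that only appears after another removal, is stripped too.
            /// NOTE(review): blacklist filtering is not a dependable defense against SQL injection
            /// or HTML injection. Use parameterized queries for database access and
            /// context-specific output encoding when rendering; treat this method as a last-resort
            /// normalizer only. It also damages legitimate text, because "or" and "and" are removed
            /// inside ordinary words (for example "world" becomes "wld").
            /// </remarks>
            /// <param name="inputString1">Value to clean; it is converted with ToString(). May be null.</param>
            /// <returns>The filtered text, or an empty string when the input is null or empty.</returns>
            public static string ClearRequest(object inputString1)
            {
                if (inputString1 == null)
                {
                    return "";
                }

                // ToString() may legally return null; treat that like an empty input instead of throwing.
                string inputString = inputString1.ToString();
                if (String.IsNullOrEmpty(inputString))
                {
                    return "";
                }

                // Characters dropped outright: " < > ' / # . * + - $ @ ! ; : \ %
                const string strippedChars = "\"<>'/#.*+-$@!;:\\%";
                string[] strippedKeywords =
                {
                    "insert", "select", "delete", "create", "drop", "alter", "or", "and"
                };

                inputString = inputString.Trim();

                StringBuilder retVal = new StringBuilder(inputString.Length);
                foreach (char c in inputString)
                {
                    if (strippedChars.IndexOf(c) < 0)
                    {
                        retVal.Append(c);
                    }
                }

                string cleaned = retVal.ToString();

                // Removing one keyword can splice a new one together from its neighbours, so keep
                // sweeping until a full pass changes nothing. Each removal shortens the string,
                // which guarantees termination.
                bool changed;
                do
                {
                    changed = false;
                    foreach (string keyword in strippedKeywords)
                    {
                        int index = cleaned.IndexOf(keyword, StringComparison.OrdinalIgnoreCase);
                        while (index >= 0)
                        {
                            cleaned = cleaned.Remove(index, keyword.Length);
                            changed = true;
                            index = cleaned.IndexOf(keyword, StringComparison.OrdinalIgnoreCase);
                        }
                    }
                }
                while (changed);

                return cleaned;
            }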

     

  • 原文地址:https://www.cnblogs.com/di305449473/p/1193298.html