目前只支持单个对象,不支持对象中包含对象
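/// <summary>
/// 检查SQL中的非法字符 -- keyword-based scan of method arguments for SQL fragments.
/// </summary>
/// <remarks>
/// This is a blacklist match against a fixed keyword list, so it both flags ordinary text
/// that happens to contain a keyword ("open", "begin") and cannot recognise every SQL form;
/// parameterised queries remain the primary control and this scanner is a secondary check.
/// Only one level is inspected: a string argument itself, or the public string fields and
/// readable string properties of a reference-type argument. Nested objects and collections
/// are not descended into.
/// </remarks>
public class SQLInjectionScanner
{
    // Split once at type initialisation; the original re-split the '|' list on every check.
    // The keyword text itself is unchanged ("creat" is a deliberate prefix match).
    private static readonly string[] s_sqlKeywords =
        "declare|exec|varchar|cursor|begin|open|drop|creat|select|truncate".Split('|');

    /// <summary>
    /// Scans every argument: strings directly, other reference types via
    /// <see cref="CheckForSQLInjectionObject"/>. Value types and null entries are skipped.
    /// </summary>
    /// <param name="functionName">Name of the calling method, prefixed to the error message.</param>
    /// <param name="args">Arguments to scan; a null array is treated as empty.</param>
    /// <exception cref="ArgumentException">An argument (or a string member of one) contains a SQL keyword.</exception>
    public static void CheckForSQLInjection(string functionName, params object[] args)
    {
        if (args == null)
        {
            return;
        }

        try
        {
            foreach (object item in args)
            {
                // A null entry used to raise NullReferenceException here, which the catch-all
                // below swallowed, so every argument after the null went unchecked.
                if (item == null)
                {
                    continue;
                }

                string text = item as string;
                if (text != null)
                {
                    CheckForSQLInjectionString(text);
                }
                else if (item.GetType().IsClass)
                {
                    CheckForSQLInjectionObject(item);
                }
            }
        }
        catch (ArgumentException ex)
        {
            string msg = string.Format("方法{0},{1}", functionName, ex.Message);
            // 记录sql注入的日志 (log the suspected injection here)
            // The original exception is attached so the member/value detail is not lost.
            throw new ArgumentException(msg, ex);
        }
        catch (Exception)
        {
            // 记录日志 (log here) -- kept from the original: a reflection failure while
            // inspecting an argument does not block the call. This branch is fail-open;
            // anything other than a rejected argument should be logged, not dropped.
        }
    }

    /// <summary>
    /// 字符串验证 -- throws when <paramref name="inputString"/> contains a SQL keyword.
    /// </summary>
    /// <param name="inputString">Value to scan; null or empty never matches.</param>
    /// <exception cref="ArgumentException">A keyword was found.</exception>
    private static void CheckForSQLInjectionString(string inputString)
    {
        if (ContainsSqlKeyword(inputString))
        {
            throw new ArgumentException(string.Format("参数有SQL攻击嫌疑,参数值:{0}", inputString));
        }
    }

    /// <summary>
    /// Scans the public instance string fields and the readable, non-indexed string
    /// properties of <paramref name="input"/>. Members of other types are ignored.
    /// </summary>
    /// <param name="input">Object whose string members are scanned.</param>
    /// <exception cref="ArgumentNullException"><paramref name="input"/> is null.</exception>
    /// <exception cref="ArgumentException">A string member contains a SQL keyword.</exception>
    public static void CheckForSQLInjectionObject(object input)
    {
        if (input == null)
        {
            throw new ArgumentNullException("input");
        }

        Type t = input.GetType();

        // 字段处理 -- public instance fields of type string
        foreach (FieldInfo fi in t.GetFields(BindingFlags.Public | BindingFlags.Instance))
        {
            if (fi.FieldType != typeof(string))
            {
                continue;
            }

            ThrowIfMemberSuspicious(string.Concat(t.Name, ".", fi.Name), (string)fi.GetValue(input));
        }

        // 属性处理 -- string properties (same GetProperties() scope as before)
        foreach (PropertyInfo pi in t.GetProperties())
        {
            // A write-only property made GetValue throw ArgumentException, which the caller then
            // reported as an injection; an indexer made it throw and aborted the whole scan.
            if (pi.PropertyType != typeof(string) || !pi.CanRead || pi.GetIndexParameters().Length != 0)
            {
                continue;
            }

            ThrowIfMemberSuspicious(string.Concat(t.Name, ".", pi.Name), (string)pi.GetValue(input, null));
        }
    }

    /// <summary>
    /// Shared rejection path for fields and properties; a null value is not an error.
    /// </summary>
    /// <param name="memberName">"Type.Member" used in the message.</param>
    /// <param name="value">The member's current value.</param>
    /// <exception cref="ArgumentException"><paramref name="value"/> contains a SQL keyword.</exception>
    private static void ThrowIfMemberSuspicious(string memberName, string value)
    {
        if (value != null && ContainsSqlKeyword(value))
        {
            throw new ArgumentException(string.Format("字段{0},参数有SQL攻击嫌疑,参数值:{1}", memberName, value));
        }
    }

    /// <summary>
    /// Case-insensitive ordinal substring search for any keyword in <see cref="s_sqlKeywords"/>.
    /// </summary>
    /// <param name="userInput">Value to scan.</param>
    /// <returns>True when at least one keyword occurs; false for null or empty input.</returns>
    private static bool ContainsSqlKeyword(string userInput)
    {
        if (string.IsNullOrEmpty(userInput))
        {
            return false;
        }

        // The old quote-doubling step (' -> '') was dropped: no keyword contains a quote,
        // so it never influenced the result. Short-circuit on the first hit.
        foreach (string keyword in s_sqlKeywords)
        {
            if (userInput.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                return true;
            }
        }

        return false;
    }
}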