• 企业400电话
  • 微网小程序
  • AI电话机器人
  • 电商代运营
  • 全 部 栏 目

    企业400电话 网络优化推广 AI电话机器人 呼叫中心 网站建设 商标✡知产 微网小程序 电商运营 彩铃•短信 增值拓展业务
    asp下过滤非法的SQL字符的函数代码
    复制代码 代码如下:

    '**************************************************
    '函数名:R
    '作 用:过滤非法的SQL字符
    '参 数:strChar-----要过滤的字符
    '返回值:过滤后的字符
    '**************************************************
    Public Function R(strChar)
    If strChar = "" Or IsNull(strChar) Then R = "":Exit Function
    Dim strBadChar, arrBadChar, tempChar, I
    'strBadChar = "$,#,',%,^,,?,(,),,>,[,],{,},/,\,;,:," Chr(34) "," Chr(0) ""
    strBadChar = "+,',--,%,^,,?,(,),,>,[,],{,},/,\,;,:," Chr(34) "," Chr(0) ""
    arrBadChar = Split(strBadChar, ",")
    tempChar = strChar
    For I = 0 To UBound(arrBadChar)
    tempChar = Replace(tempChar, arrBadChar(I), "")
    Next
    tempChar = Replace(tempChar, "@@", "@")
    R = tempChar
    End Function
    '过滤xss
    Function CheckXSS(ByVal strCode)
    Dim Re
    Set re=new RegExp
    re.IgnoreCase =True
    re.Global=True
    re.Pattern=".[^>]*(style).>"
    strCode = re.Replace(strCode, "")
    re.Pattern="(a.[^>]*|\/a|li|br|B|\/li|\/B|font.[^>]*|\/font)>"
    strCode=re.Replace(strCode,"[$1]")
    strCode=Replace(Replace(strCode, "", "lt;"), ">", "gt;")
    re.Pattern="\[(a.[^\]]*|\/a|li|br|B|\/li|\/B|font.[^\]]*|\/font)\]"
    strCode=re.Replace(strCode,"$1>")
    re.Pattern=".[^>]*(on(load|click|dbclick|mouseover|mouseout|mousedown|mouseup|mousewheel|keydown|submit|change|focus)).>"
    strCode = re.Replace(strCode, "")
    Set Re=Nothing
    CheckXSS=strCode
    End Function

    Function FilterIDs(byval strIDs)
    Dim arrIDs,i,strReturn
    strIDs=Trim(strIDs)
    If Len(strIDs)=0 Then Exit Function
    arrIDs=Split(strIDs,",")
    For i=0 To Ubound(arrIds)
    If ChkClng(Trim(arrIDs(i)))>0 Then
    strReturn=strReturn "," Int(arrIDs(i))
    End If
    Next
    If Left(strReturn,1)="," Then strReturn=Right(strReturn,Len(strReturn)-1)
    FilterIDs=strReturn
    End Function
    上一篇:ASP URL反编码函数代码
    下一篇:asp IsValidEmail 验证邮箱地址函数(email)
  • 相关文章
  • 

    © 2016-2020 巨人网络通讯 版权所有

    《增值电信业务经营许可证》 苏ICP备15040257号-8

    asp下过滤非法的SQL字符的函数代码 asp,下,过滤,非法,的,SQL,