防⽌sql注⼊的⽅法(替换敏感关键字)
public static string FilterSql(string s)
{
if(string.IsNullOrEmpty(s))return string.Empty;
s = s.Trim().ToLower();
s =ClearScript(s);
s = s.Replace("=","");
s = s.Replace("'","");
s = s.Replace(";","");
s = s.Replace(" or ","");
s = s.Replace("select","");
s = s.Replace("update","");
s = s.Replace("insert","");
s = s.Replace("delete","");
s = s.Replace("declare","");
s = s.Replace("exec","");
s = s.Replace("drop","");
s = s.Replace("create","");
s = s.Replace("%","");
s = s.Replace("--","");
return s;
}sql语句替换表中内容
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论