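/// <summary>
/// Checks whether a string contains any token from the built-in denylist of
/// punctuation characters and SQL-style sequences.
/// </summary>
/// <remarks>
/// This is a coarse input filter only. A value that passes it is not thereby safe to
/// concatenate into SQL or markup; pass values as command parameters and encode on
/// output instead of relying on this check.
/// </remarks>
/// <param name="str">The string to check; may be null or empty.</param>
/// <returns>
/// <c>true</c> if <paramref name="str"/> contains at least one denylisted token;
/// <c>false</c> otherwise, including when it is null or empty.
/// </returns>
public static bool ChkBadChar(string str)
{
    if (string.IsNullOrEmpty(str))
    {
        return false;
    }

    // NOTE(review): the entry after ")" is written with a leading space (" <").
    // Unless SplitString trims its pieces, a bare '<' is not detected - confirm intent.
    string strBadChar = "@@,+,',--,%,^,&,?,(,), <,>,[,],{,},/,\\,;,:,\",\"\"";
    string[] arrBadChar = SplitString(strBadChar, ",");

    for (int i = 0; i < arrBadChar.Length; i++)
    {
        string badChar = arrBadChar[i];

        // An empty token would match every input (IndexOf("") returns 0), so skip it,
        // as ReplaceBadChar already does.
        if (string.IsNullOrEmpty(badChar))
        {
            continue;
        }

        // IndexOf(string) without a comparison argument uses the current culture.
        // Ordinal keeps the check deterministic and consistent with string.Replace,
        // which ReplaceBadChar uses for the same token list.
        if (str.IndexOf(badChar, System.StringComparison.Ordinal) >= 0)
        {
            return true;
        }
    }

    return false;
}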
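/// <summary>
/// Removes every token of the built-in denylist (punctuation characters and
/// SQL-style sequences) from a string.
/// </summary>
/// <remarks>
/// Removal is repeated until the text stops changing, because deleting one token can
/// join its neighbours into another denylisted token that an earlier step has already
/// passed over. This remains a denylist filter: it does not make a value safe to
/// concatenate into SQL or markup, so use parameterized commands and output encoding.
/// </remarks>
/// <param name="str">The string to filter; may be null or empty.</param>
/// <returns>
/// The filtered string, or an empty string when <paramref name="str"/> is null or empty.
/// </returns>
public static string ReplaceBadChar(string str)
{
    if (string.IsNullOrEmpty(str))
    {
        return "";
    }

    // NOTE(review): the entry after ")" is written with a leading space (" <").
    // Unless SplitString trims its pieces, a bare '<' is not removed - confirm intent.
    string strBadChar = "@@,+,',--,%,^,&,?,(,), <,>,[,],{,},/,\\,;,:,\",\"\"";
    string[] arrBadChar = SplitString(strBadChar, ",");

    string tempChar = str;
    int lengthBefore;
    do
    {
        lengthBefore = tempChar.Length;
        for (int i = 0; i < arrBadChar.Length; i++)
        {
            // string.Replace rejects an empty search value, so skip empty tokens.
            if (arrBadChar[i].Length > 0)
            {
                tempChar = tempChar.Replace(arrBadChar[i], "");
            }
        }
        // Every replacement only deletes text, so an unchanged length means a full
        // pass found nothing left to remove.
    } while (tempChar.Length < lengthBefore);

    return tempChar;
}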
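/// <summary>
/// Strips single quotes and "--" from a string and collapses "@@" to "@".
/// </summary>
/// <remarks>
/// The pass is repeated until the text stops changing: a single left-to-right
/// replacement of "@@" leaves "@@" behind when three or more '@' are adjacent.
/// This is a denylist filter and not an injection defence. It leaves other SQL
/// syntax untouched, so values should be passed as command parameters and never
/// concatenated into the statement text.
/// </remarks>
/// <param name="str">The text to filter; may be null or empty.</param>
/// <returns>
/// The filtered text, or an empty string when <paramref name="str"/> is null or empty.
/// </returns>
public static string ReplaceBadSQL(string str)
{
    if (string.IsNullOrEmpty(str))
    {
        return "";
    }

    string[] strArray = new string[] { "'", "--" };
    string current = str;
    string previous;
    do
    {
        previous = current;
        StringBuilder builder = new StringBuilder(previous);
        for (int i = 0; i < strArray.Length; i++)
        {
            builder.Replace(strArray[i], "");
        }
        builder.Replace("@@", "@");
        current = builder.ToString();
        // Every replacement shortens the text, so an unchanged length means the
        // pass found nothing more to strip or collapse.
    } while (current.Length < previous.Length);

    return current;
}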