触发器里过滤非法字符:
Code
CREATE trigger Trigger_Update_NewsTitle on News_Article for update as begin declare @Id int,@count1 int,@count2 int,@ColumnLen,@shortCount int Select @count1 = charindex('SCRIPT',upper(news_title)) FROM inserted Select @count2 =charindex('IFRAME',upper(news_title)) FROM inserted if(@count2 >0) begin update A SET news_title = replace(A.news_title,substring(A.news_title,charindex('IFRAME',upper(A.news_title)),charindex('/IFRAME',upper(A.news_title))+7),'') from news_article as A,inserted as B where A.Id = B.id end if(@count1>0) begin update A SET news_title = replace(A.news_title,substring(A.news_title,charindex('SCRIPT',upper(A.news_title)),charindex('/SCRIPT',upper(A.news_title))+7),'') from news_article as A,inserted as B where A.Id = B.id end update A SET A.news_title =replace(replace(replace(replace(replace( replace(upper(A.news_title),char(34),''),'>',''),'<',''),'<a',''),' HREF',''),'=','') from news_article as A,inserted as B where A.Id = B.id SELECT @ColumnLen=len(A.news_title) from news_article as A,inserted as B where A.Id = B.id if(@ColumnLen < 5) begin select @shortcount = charindex('SCRIPT',upper(news_shorttitle)) FROM inserted if(@shortcount = 0) begin --用短标题替换标题 update A SET A.news_title = A.news_shorttitle from news_article as A,inserted as B where A.Id = B.id end endend
触发器里过滤非法信息:
Codecreate trigger tr_topic_insert on [你的表]
for insert
as
declare @topicid int -- 文章id
declare @content varchar(2000)
select @topicid = topicid ,@content = content from inserted
if( charindex('代办',@content) > 0 or charindex('发票',@content) > 0 )
delete from [你的表] where topicid = @topicid
go
存储过程过滤非法信息:
Code-- 发表帖子
create procedure p_topic_insert
@userid int = 0,
@topicid int = 0 , 论坛id
@title varchar(100) = '', --标题
@content varchar(2000) ='' -- 内容
as
if( charindex('办证',@conent) > 0)
return
if( charindex('发票',@conent) > 0)
return
。。。
。。。
。。。
insert into t_topic(topicid,userid,title,content) values(@topicid,@userid,@title,@contnet)
go
