js防止sql注入的参数过滤

<script language="javascript">
<!--
var url = location.search;

var re = /select%20|update%20|delete%20|truncate%20|join%20|union%20|exec%20|insert%20|drop%20|count|’|"|;|>|<|%/i;

var e = re.test(url); if(e) { alert("地址中含有非法字符～"); location.href="error.asp"; } //--> <script>

posted @ 2017-05-27 10:26 君子笑而不语阅读(3014) 评论(0) 编辑收藏举报

刷新页面返回顶部

君子笑而不语