js防止sql注入的参数过滤

js防止sql注入的参数过滤

<script language="javascript">
<!--
var url = location.search;
var re = /select%20|update%20|delete%20|truncate%20|join%20|union%20|exec%20|insert%20|drop%20|count|’|"|;|>|<|%/i;
var e = re.test(url); if(e) { alert("地址中含有非法字符~"); location.href="error.asp"; } //--> <script>

 

posted @ 2017-05-27 10:26  君子笑而不语  阅读(3022)  评论(0编辑  收藏  举报