一般般的防 SQL 注入和 JavaScript 脚本注入的函数
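/// <summary>
/// Replaces every occurrence of a fixed list of SQL and script keywords in
/// <paramref name="InText"/> with the placeholder text "新昌在线".
/// </summary>
/// <remarks>
/// Matching is by plain substring and ignores letter case, so ordinary text that
/// merely contains one of the letter sequences (for example the "or" inside a longer
/// word) is rewritten as well. A keyword denylist is a best-effort scrub only: it does
/// not make a value safe to concatenate into a SQL statement or to emit into HTML.
/// Use parameterized queries for database access and context-aware output encoding
/// for markup; treat this method as an additional layer, never as the control.
/// </remarks>
/// <param name="InText">Text to scrub. May be null or empty.</param>
/// <returns>
/// The scrubbed text, or <paramref name="InText"/> itself when it is null, empty,
/// or contains none of the keywords.
/// </returns>
public string SqlFilter2(string InText)
{
    // Nothing to scrub; this also avoids dereferencing a null input.
    if (string.IsNullOrEmpty(InText))
    {
        return InText;
    }

    // The list ends with '|', so Split yields one empty entry that is skipped below.
    // With case-insensitive matching the separate "SCRIPT" entry is redundant but harmless.
    const string word = "and|exec|insert|select|delete|update|chr|mid|master|or|truncate|char|declare|join|script|SCRIPT|";

    // Kept local so the result does not depend on state left behind by an earlier call.
    string returnstr = InText;

    foreach (string mystr in word.Split('|'))
    {
        if (mystr.Length == 0)
        {
            continue;
        }

        // Escape the keyword so it is matched literally; compare without regard to
        // case or current culture so mixed-case spellings are replaced as well.
        returnstr = System.Text.RegularExpressions.Regex.Replace(
            returnstr,
            System.Text.RegularExpressions.Regex.Escape(mystr),
            "新昌在线",
            System.Text.RegularExpressions.RegexOptions.IgnoreCase
                | System.Text.RegularExpressions.RegexOptions.CultureInvariant);
    }

    return returnstr;
}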
// NOTE(review): this brace block repeats the body of SqlFilter2 but carries no method
// signature of its own, so it is not valid C# where it stands. It looks like a
// copy/paste or extraction duplicate; confirm and remove it.
{
// Pipe-separated denylist of SQL and script keywords; the trailing '|' yields one empty entry.
string word = "and|exec|insert|select|delete|update|chr|mid|master|or|truncate|char|declare|join|script|SCRIPT|";
// returnstr and i are not declared in the visible lines; presumably fields of the
// enclosing class. i is never reset here. TODO confirm where they are declared.
returnstr = InText;
if (InText.Length != 0)
{
foreach (string mystr in word.Split('|'))
{
// Case-sensitive substring test against the original input; the Length check
// skips the empty entry produced by the trailing separator.
if (InText.IndexOf(mystr, 0) != -1 && mystr.Length != 0)
{
// Every occurrence of the keyword is replaced with the placeholder text,
// including occurrences inside longer ordinary words.
returnstr = returnstr.Replace(mystr, "新昌在线");
i++;
}
}
}
// When no keyword matched, hand back the input as it was passed in.
if (i == 0)
{
returnstr = InText;
}
// A keyword denylist is a best-effort scrub only; callers still need parameterized
// queries for SQL and output encoding for HTML.
return returnstr;
}