防止SQL注入
1
/// <summary>
2
/// 过滤SQL注入
3
/// </summary>
4
/// <param name="strSQL"></param>
5
/// <returns></returns>
6
public static bool CheckSQLInjection(string strSQL)
7
{
8
if (string.IsNullOrEmpty(strSQL))
9
{
10
return true;
11
}
12
else
13
{
14
Regex RegExpression = new Regex(@"\s");
15
strSQL = RegExpression.Replace(strSQL.Trim().Trim().ToLower().Replace("%20", " "), " ");
16
string Pattern = @"select |insert |delete from |count\(|drop table|update |truncate |asc\(|mid\(|char\(|xp_cmdshell|exec master|net localgroup administrators|:|net user|""|\'| or ";
17![](/Images/OutliningIndicators/InBlock.gif)
18
if (Regex.IsMatch(strSQL, Pattern))
19
{
20
return false;
21
}
22
else
23
{
24
return true;
25
}
26
}
27
}
![](/Images/OutliningIndicators/ExpandedBlockStart.gif)
2
![](/Images/OutliningIndicators/InBlock.gif)
3
![](/Images/OutliningIndicators/InBlock.gif)
4
![](/Images/OutliningIndicators/InBlock.gif)
5
![](/Images/OutliningIndicators/ExpandedBlockEnd.gif)
6
![](/Images/OutliningIndicators/None.gif)
7
![](/Images/OutliningIndicators/ExpandedBlockStart.gif)
8
![](/Images/OutliningIndicators/InBlock.gif)
9
![](/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
10
![](/Images/OutliningIndicators/InBlock.gif)
11
![](/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
12
![](/Images/OutliningIndicators/InBlock.gif)
13
![](/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
14
![](/Images/OutliningIndicators/InBlock.gif)
15
![](/Images/OutliningIndicators/InBlock.gif)
16
![](/Images/OutliningIndicators/InBlock.gif)
17
![](/Images/OutliningIndicators/InBlock.gif)
18
![](/Images/OutliningIndicators/InBlock.gif)
19
![](/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
20
![](/Images/OutliningIndicators/InBlock.gif)
21
![](/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
22
![](/Images/OutliningIndicators/InBlock.gif)
23
![](/Images/OutliningIndicators/ExpandedSubBlockStart.gif)
24
![](/Images/OutliningIndicators/InBlock.gif)
25
![](/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
26
![](/Images/OutliningIndicators/ExpandedSubBlockEnd.gif)
27
![](/Images/OutliningIndicators/ExpandedBlockEnd.gif)