复制代码 代码如下:'************************************************** '函数名：R '作 用：过滤非法的SQL字符 '参 数：strChar-----要过滤的字符 '返回值：过滤后的字符 '************************************************** Public Function R(strChar) If strChar = "" Or IsNull(strChar) Then R = "":Exit Function Dim strBadChar, arrBadChar, tempChar, I 'strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,,;,:," & Chr(34) & "," & Chr(0) & "" strBadChar = "+,',--,%,^,&,?,(,),<,>,[,],{,},/,,;,:," & Chr(34) & "," & Chr(0) & "" arrBadChar = Split(strBadChar, ",") tempChar = strChar For I = 0 To UBound(arrBadChar) tempChar = Replace(tempChar, arrBadChar(I), "") Next tempChar = Replace(tempChar, "@@", "@") R = tempChar End Function '过滤xss Function CheckXSS(ByVal strCode) Dim Re Set re=new RegExp re.IgnoreCase =True re.Global=True re.Pattern="<.[^>]*(style).>" strCode = re.Replace(strCode, "") re.Pattern="<(a.[^>]*|/a|li|br|B|/li|/B|font.[^>]*|/font)>" strCode=re.Replace(strCode,"[$1]") strCode=Replace(Replace(strCode, "<", "<"), ">", ">") re.Pattern="[(a.[^]]*|/a|li|br|B|/li|/B|font.[^]]*|/font)]" strCode=re.Replace(strCode,"<$1>") re.Pattern="<.[^>]*(on(load|click|dbclick|mouseover|mouseout|mousedown|mouseup|mousewheel|keydown|submit|change|focus)).>" strCode = re.Replace(strCode, "") Set Re=Nothing CheckXSS=strCode End Function Function FilterIDs(byval strIDs) Dim arrIDs,i,strReturn strIDs=Trim(strIDs) If Len(strIDs)=0 Then Exit Function arrIDs=Split(strIDs,",") For i=0 To Ubound(arrIds) If ChkClng(Trim(arrIDs(i)))<>0 Then strReturn=strReturn & "," & Int(arrIDs(i)) End If Next If Left(strReturn,1)="," Then strReturn=Right(strReturn,Len(strReturn)-1) FilterIDs=strReturn End Function

　　推荐阅读

　　asp IsValidEmail 验证邮箱地址函数(email)

复制代码 代码如下:'******************************************** '函数名：IsValidEmail '作 用：检查Email地址合法性 '参 数：email ----要检查的Email地址 '返回值：True ----Email地址合法 ' False ----Emai>>>详细阅读

本文标题：asp下过滤非法的SQL字符的函数代码

地址：http://www.17bianji.com/kaifa2/ASP/31929.html

 1/2    1