过滤特殊字符


'----------------------------------------------------------------'
' checkStr
' 过滤特殊字符,主要是去掉 SQL 关键词
' 参数:
' str 需要被过滤的字符串
' 返回值:字符串 (经过过滤后的字符串)
'----------------------------------------------------------------'
 程序代码

Function checkStr(byVal str)
s = Trim(s)

If IsNull(s) Then
checkStr = ""
Exit Function
End If

str = Replace(str, "&", "& amp;")
str = Replace(str, "'", "'")
str = Replace(str, """", """)

' 正则,替换 SQL 关键词
Dim re
Set re = New RegExp
re.IgnoreCase = True
re.Global = True
re.Pattern = "(w)(here)"
str = re.Replace(str, "$1here")
re.Pattern = "(s)(elect)"
str = re.Replace(str, "$1elect")
re.Pattern = "(i)(nsert)"
str = re.Replace(str, "$1nsert")
re.Pattern = "(c)(reate)"
str = re.Replace(str,"$1reate")
re.Pattern = "(d)(rop)"
str = re.Replace(str, "$1rop")
re.Pattern = "(a)(lter)"
str = re.Replace(str, "$1lter")
re.Pattern = "(d)(elete)"
str = re.Replace(str, "$1elete")
re.Pattern = "(u)(pdate)"
str = re.Replace(str, "$1pdate")
re.Pattern = "(\s)(or)"
str = re.Replace(str, "$1or")
Set re = Nothing
checkStr = str 

End Function 






[本日志由 FindSome 于 2016-07-02 07:39 PM 编辑]
文章来自: 本站原创
引用通告: 查看所有引用 | 我要引用此文章
Tags:
相關日誌:

评论: 0 | 引用: 0 | 查看次数: 285
发表评论
昵 称:
密 码: 游客发言不需要密码.
内 容:
验证码: 验证码
选 项:
虽然发表评论不用注册,但是为了保护您的发言权,建议您注册帐号.
字数限制 1000 字 | UBB代码 关闭 | [img]标签 关闭