【转载】C#防SQL注入过滤危险字符信息

无论是java开发还是C#开发或者PHP的开发中,都需要关注SQL注入攻击的安全性问题,为了保证客户端提交过来的数据不会产生SQL注入的风险,我们需要对接收的数据进行危险字符过滤来防范SQL注入攻击的危险,以下是C#防止SQL注入攻击的一个危险字符过滤函数,过滤掉相应的数据库关键字。

主要过滤两类字符:(1)一些SQL中的标点符号,如@,*以及单引号等等;(2)过滤数据库关键字select、insert、delete from、drop table、truncate、mid、delete、update、truncate、declare、master、script、exec、net user、drop等关键字或者关键词。

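/// <summary>
/// Strips HTML (script blocks, tags, comments), decodes a handful of entities,
/// removes a fixed list of SQL/shell keywords and punctuation, doubles single
/// quotes, then HTML-encodes and trims the result.
/// </summary>
/// <param name="htmlstring">Raw text received from the client; may be null.</param>
/// <returns>
/// The filtered, HTML-encoded string, or "" when <paramref name="htmlstring"/> is null.
/// </returns>
/// <remarks>
/// This is a keyword blocklist, not an injection defense. Each keyword is removed in
/// one case-insensitive pass, so the filter is both over-broad (ordinary words that
/// happen to contain "or", "and", "net", "mid", "asc" or "char" are mangled, e.g.
/// "world" becomes "wld") and not something a query may rely on. The effective
/// SQL-injection control is parameterised queries (SqlParameter / prepared
/// statements) at the data-access layer; treat this method as legacy input
/// normalisation only. The output is HTML-encoded, so it is suitable for rendering
/// into HTML but not for storing as plain text.
/// </remarks>
public string nohtml(string htmlstring)
{
    if (htmlstring == null)
    {
        return "";
    }

    // --- HTML: drop <script> blocks first, then every remaining tag and comment.
    htmlstring = Regex.Replace(htmlstring, @"<script[^>]*?>.*?</script>", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"<(.[^>]*)>", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"([\r\n])[\s]+", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"-->", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"<!--.*", "", RegexOptions.IgnoreCase);

    // --- Entities: decode the few the original author cared about; any other
    //     numeric entity is removed rather than decoded.
    htmlstring = Regex.Replace(htmlstring, @"&(quot|#34);", "\"", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(amp|#38);", "&", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(lt|#60);", "<", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(gt|#62);", ">", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(nbsp|#160);", " ", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(iexcl|#161);", "\xa1", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(cent|#162);", "\xa2", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(pound|#163);", "\xa3", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&(copy|#169);", "\xa9", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, @"&#(\d+);", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "xp_cmdshell", "", RegexOptions.IgnoreCase);

    // --- Keyword blocklist. Order is significant: "-" is removed before "delete",
    //     "drop" and "script", and the short tokens ("and", "or", "net") match
    //     inside ordinary words. Kept verbatim for compatibility with existing
    //     callers; see the <remarks> above for why this is not a security control.
    htmlstring = Regex.Replace(htmlstring, "select", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "inse", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "delete from", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "count''", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "drop table", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "truncate", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "asc", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "mid", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "char", "", RegexOptions.IgnoreCase);
    // Second pass over "xp_cmdshell", as in the original (a second pass is not a
    // no-op for nested input, so it is kept rather than deduplicated).
    htmlstring = Regex.Replace(htmlstring, "xp_cmdshell", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "exec master", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "net localgroup administrators", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "and", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "net user", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "or", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "net", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "-", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "delete", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "drop", "", RegexOptions.IgnoreCase);
    htmlstring = Regex.Replace(htmlstring, "script", "", RegexOptions.IgnoreCase);

    // --- Punctuation. The original also removed "-" and "*/" here; both were dead
    //     code because "-", "*" and "/" have already been removed individually.
    htmlstring = htmlstring.Replace("<", "");
    htmlstring = htmlstring.Replace(">", "");
    htmlstring = htmlstring.Replace("*", "");
    htmlstring = htmlstring.Replace("?", "");
    // Doubling quotes is escaping for string-concatenated SQL; it is unnecessary
    // (and produces doubled quotes in the stored value) once queries are parameterised.
    htmlstring = htmlstring.Replace("'", "''");
    htmlstring = htmlstring.Replace(",", "");
    htmlstring = htmlstring.Replace("/", "");
    htmlstring = htmlstring.Replace(";", "");
    htmlstring = htmlstring.Replace("\r\n", "");

    // HttpServerUtility.HtmlEncode delegates to HttpUtility.HtmlEncode; calling the
    // static method directly avoids a NullReferenceException when this runs outside
    // a request (HttpContext.Current is null on background threads and in tests).
    htmlstring = HttpUtility.HtmlEncode(htmlstring).Trim();

    return htmlstring;
}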
}
原文地址:https://www.cnblogs.com/Kendy/p/15654454.html