  • 过滤非法字符

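    /// <summary>
    /// Strips a fixed set of punctuation characters and SQL-looking keywords from a
    /// request value and returns what is left.
    /// </summary>
    /// <remarks>
    /// This is a deny-list filter, so it is a secondary safeguard at best. It does not make
    /// a value safe to concatenate into SQL or to write into HTML: use parameterized
    /// queries for database access and context-aware encoding on output. It is also lossy:
    /// removing "or"/"and" and characters such as '.', '-' and '@' alters ordinary text
    /// (e-mail addresses, decimals, words that contain those letters).
    /// </remarks>
    /// <param name="inputString1">Value to filter; converted with ToString(). May be null.</param>
    /// <returns>The filtered string, or an empty string when the input is null or empty.</returns>
    public static string ClearRequest(object inputString1)
    {
        if (inputString1 == null) return "";

        // ToString() on an arbitrary object may itself return null; treat that like empty input
        // instead of failing on Trim().
        string inputString = inputString1.ToString();
        if (string.IsNullOrEmpty(inputString)) return "";

        // Characters removed outright. Stripping happens before keyword removal so that a
        // keyword split by one of these characters is still seen as a keyword afterwards.
        const string blockedChars = "\"<>'/#.*+-$@!;:\\%";
        string trimmed = inputString.Trim();
        StringBuilder kept = new StringBuilder(trimmed.Length);
        foreach (char c in trimmed)
        {
            if (blockedChars.IndexOf(c) < 0)
            {
                kept.Append(c);
            }
        }

        string[] blockedWords = { "insert", "select", "delete", "create", "drop", "alter", "or", "and" };
        string result = kept.ToString();

        // Remove keywords case-insensitively and repeat until nothing changes. A single
        // pass that matches only all-lower/all-upper spellings lets mixed-case input
        // through, and deleting one match can join the surrounding fragments into a new
        // keyword; looping to a fixed point guarantees the returned text contains none.
        // Every removal shortens the string, so the loop always terminates.
        bool changed;
        do
        {
            changed = false;
            foreach (string word in blockedWords)
            {
                int at = result.IndexOf(word, StringComparison.OrdinalIgnoreCase);
                while (at >= 0)
                {
                    result = result.Remove(at, word.Length);
                    changed = true;
                    at = result.IndexOf(word, StringComparison.OrdinalIgnoreCase);
                }
            }
        } while (changed);

        return result;
    }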

     

  • 原文地址:https://www.cnblogs.com/di305449473/p/1193298.html